WO2002033880A9 - Data reproducing/recording apparatus / method and list updating method - Google Patents
- Publication number
- WO2002033880A9 (PCT/JP2001/009182)
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- data
- list
- content
- identifier
- data storage
Classifications
- G—PHYSICS
  - G06—COMPUTING; CALCULATING OR COUNTING
    - G06F—ELECTRIC DIGITAL DATA PROCESSING
      - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
        - G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
  - G11—INFORMATION STORAGE
    - G11B—INFORMATION STORAGE BASED ON RELATIVE MOVEMENT BETWEEN RECORD CARRIER AND TRANSDUCER
      - G11B20/00—Signal processing not specific to the method of recording or reproducing; Circuits therefor
        - G11B20/00086—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy
          - G11B20/0021—Circuits for prevention of unauthorised reproduction or copying, e.g. piracy involving encryption or decryption of contents recorded on or reproduced from a record carrier
        - G11B20/10—Digital recording or reproducing
      - G11B27/00—Editing; Indexing; Addressing; Timing or synchronising; Monitoring; Measuring tape travel
        - G11B27/10—Indexing; Addressing; Timing or synchronising; Measuring tape travel
          - G11B27/102—Programmed access in sequence to addressed parts of tracks of operating record carriers
            - G11B27/105—Programmed access in sequence to addressed parts of tracks of operating record carriers of operating discs
Definitions
- the present invention relates to a data reproducing device, a data recording device, a data reproducing method, a data recording method, a list updating method, and a program providing medium.
- a data reproducing device that enables version management of a revocation list generated for the purpose of eliminating unauthorized media, illegal content, etc., and enables efficient reference and use of a revocation list.
- the present invention relates to a data recording device, a data reproducing method, a data recording method, a list updating method, and a program providing medium.
- a flash memory is one of the most frequently used memory elements for content.
- a flash memory is a form of electrically rewritable nonvolatile memory called an EEPROM (Electrically Erasable Programmable ROM).
- EEPROM Electrically rewritable nonvolatile memory
- Conventional EEPROMs use two transistors per bit, each occupying a large area, so there is a limit to increasing the degree of integration. Flash memory, by erasing all bits at once, made it possible to realize one bit with one transistor. Flash memory is expected to be a substitute for recording media such as magnetic disks and optical disks.
- a memory card in which a flash memory is detachably attached to a data recording / reproducing device. If this memory card is used, a digital audio recording / reproducing apparatus that uses a memory card instead of a conventional disc-shaped medium such as a CD (Compact Disc: registered trademark) or MD (Mini Disc: registered trademark) can be realized.
- a CD Compact Disc: registered trademark
- MD Mini Disc: registered trademark
- a file management system called a FAT (File Allocation Table) system is generally used as an access information table.
- FAT File Allocation Table
- a necessary file is defined, necessary parameters are set in the file in order from the beginning of the file.
- the file size can be made variable, and one file can be composed of one or more management units (sectors, clusters, etc.).
- the relevant items of this management unit are written in a table called FAT.
- This FAT system can easily construct a file structure irrespective of the physical characteristics of the recording medium. Therefore, the FAT system can be used not only for floppy disks and hard disks, but also for magneto-optical disks.
- the FAT system is also used in the above-mentioned memory card.
- Various contents such as music data, image data, and programs can be supplied by a user through an information device such as a playback device, a game device, or a PC, or through a connected input means.
- the information is called out from the above-mentioned flash memory based on the above-mentioned FAT, for example, and is reproduced through the information device itself or a connected display or speaker.
- One method of restricting usage by users is to encrypt distributed content.
- various contents such as audio data, image data, and game programs are encrypted and distributed via the Internet or the like, and the means for decrypting the distributed ciphertext, that is, the decryption key, is provided only to those who are confirmed to be legitimate users.
- the encrypted data can be returned to usable decrypted data (plaintext) by a decryption process according to a predetermined procedure.
- Data encryption and decryption methods using an encryption key for such information encryption processing and a decryption key for decryption processing are well known in the art.
- a revocation list has been proposed as a method for eliminating illegal media and illegal content in content recording and reproducing devices.
- the device that records and plays back content compares, when playing back the content, the identifier of the content (or of the medium storing it) with the identifiers listed in the revocation list; if a matching identifier is found, the content is treated as illegal and playback processing is stopped, which makes it possible to eliminate unauthorized use of content.
- the revocation list is stored, for example, in the internal memory of the recording / reproducing apparatus, and is called up from the internal memory as needed to execute a reference process using the list.
- a revocation list storing an invalid content identifier is read from the internal memory and reference processing is executed.
- the device repeatedly executes processing such as reading out a revocation list storing an unauthorized media identifier from the internal memory and executing a reference process.
- the process of reading the revocation list becomes necessary repeatedly when a new medium is mounted and when a new content is processed, resulting in a complicated process.
- a revocation list containing unauthorized content identifiers was used for the purpose of eliminating unauthorized content, and a revocation list storing unauthorized media identifiers was used for the purpose of eliminating unauthorized media.
- the revocation list referred to was selected depending on the intended use. In this case, on the device side, it is necessary to select one revocation list from a plurality of stored revocation lists and, after the selection, collate the content or media identifier against it.
- These revocation list selection processes are repeatedly required when a new medium is mounted or when a new content is processed, resulting in a complicated process.
Disclosure of the invention
- the present invention provides a configuration that eliminates such tampering with, and updating by, an unauthorized revocation list. Specifically, a version is set in the revocation list, and when content is read out, the version of the revocation list stored in the device is compared with the version of the valid revocation list recorded in the content header to confirm that the version of the retained list is not old.
- The purpose is to provide a data reproduction device, a data recording device, a data reproduction method, a data recording method, a list updating method, and a program providing medium that can eliminate illegal use of content through abuse of an unauthorized revocation list, by processing such as permitting content processing only on that condition.
- the present invention eliminates such complicated processing by setting the revocation list in the memory interface of the device; after the setting, the revocation list is used continuously in the memory interface. It is an object of the present invention to provide a data reproducing device, a data recording device, a data reproducing method, a data recording method, and a program providing medium that enable the elimination of unauthorized media and content while improving processing efficiency.
- the present invention eliminates such complicated processing by storing identifiers of different categories, media and content, in one revocation list, so that a device can use the list without having to select among revocation lists.
- the purpose is to provide a data reproduction device, a data recording device, a data reproduction method, a data recording method, and a program providing medium that can remove illegal media and illegal content by applying a common revocation list, achieving efficient processing.
- a data reproducing apparatus for executing a reproduction process of content stored in a data storage means.
- An internal memory that stores a revocation list having version information indicating whether the list is old or new, the list storing the identifier of at least one of a data storage unit and a content that is a processing prohibition target;
- a comparison process is performed between the version of the valid revocation list stored in the header information of the content to be reproduced and the version of the revocation list stored in the internal memory, and a process using the revocation list stored in the internal memory is executed.
- the controller performs, as a process associated with the reproduction, a comparison between the identifier of at least one of the data storage means or content stored in the revocation list held in the internal memory and the identifier of the content to be played back or of the data storage means storing that content; when the identifiers match, the processing for stopping the data reproduction is executed.
- the controller comprises: a memory interface configured to execute an access to the data storage unit; and a control unit configured to control the memory interface.
- the memory interface, based on a data reproduction request command from the control unit, performs a comparison process between the version of the valid revocation list stored in the header information of the content to be reproduced and the version of the revocation list stored in the internal memory.
- the controller performs a comparison process between the version of the update revocation list received from the outside and the version of the revocation list stored in the internal memory.
- the revocation list is updated by the update revocation list on the condition that the version of the update revocation list is newer than the version of the revocation list stored in the internal memory.
- the controller performs a data falsification check on an update revocation list received from the outside based on a data falsification check value (ICV).
- the present invention is characterized in that a configuration for executing a process of updating the revocation list with the update revocation list, based on a determination that the data has not been tampered with, is provided.
- a second aspect of the present invention is:
- An internal memory which stores a revocation list having version information indicating whether the list is new or old, the list storing identifiers of at least one of a data storage unit and a content which is a processing prohibition target;
- A controller that executes a process of setting, as the valid revocation list version stored in the header information of the recording target content, a setting value that instructs execution of playback processing without reference to a revocation list, and executes a process of storing the content in the data storage unit;
- the data recording device has:
- the controller has a memory interface for executing access to the data storage means, and a control unit for executing control of the memory interface.
- the memory interface, based on a header information generation command accompanying the data recording from the control unit, rewrites the version of the valid revocation list stored in the header information of the content to be recorded, setting it to a set value indicating that the content can be reproduced without reference to the revocation list.
- the controller executes a comparison process between the version of the update revocation list received from the outside and the version of the revocation list stored in the internal memory, and updates the revocation list with the update revocation list on the condition that the version of the update revocation list is newer than the version of the revocation list stored in the internal memory.
- the controller executes a data tampering check based on a data tampering check value (ICV) on an update revocation list received from outside, and is configured to execute a revocation list updating process using the update revocation list based on a determination that there is no tampering.
- ICV data tampering check value
- a third aspect of the present invention provides
- the reproduction-related processing execution step includes: executing a comparison process between the identifier of at least one of a data storage unit and a content stored in the revocation list held in the internal memory and the identifier of the content to be played back or the identifier of the data storage unit storing that content; and, if in the comparison process the identifier stored in the revocation list matches the identifier of the content to be played back or of the data storage unit storing it, executing the processing to stop the data playback;
- the data playback device comprises: a memory interface for executing access to the data storage means; and a control unit for executing control of the memory interface.
- the data reproducing method further comprises: a step of transmitting a data reproduction request command from the control unit to the memory interface; and a step of comparing the version of the valid revocation list stored in the header information of the content to be reproduced with the version of the revocation list stored in the internal memory.
- a fifth aspect of the present invention provides
- a list updating method characterized by executing a revocation list update process using the update revocation list on condition that the version of the update revocation list is newer than the version of the stored revocation list.
- the method includes a step of executing a data tampering check based on a data tampering check value (ICV) on an update revocation list received from the outside, and the updating of the revocation list by the update revocation list is executed based on a determination that there is no data tampering.
- ICV data tampering check value
- a sixth aspect of the present invention provides
- a program providing medium for providing a program that causes a computer to execute a data playback process in a data playback device that reproduces data stored in the data storage means;
- the computer program comprises:
- a playback-related processing execution step that performs processing associated with reproduction of the reproduction target content on condition that the version of the revocation list stored in the internal memory is not older than the valid revocation list version set in the header information of the reproduction target content; and
- a data reproducing apparatus for executing a reproduction process of content stored in a data storage means.
- a revocation list having identifier data of at least one of the data storage means and the content for which processing is prohibited is read into the memory interface for accessing the data storage means, and is held continuously inside the memory interface.
- a data reproducing apparatus is characterized in that the revocation list is held in a referable state across different processes.
- the data reproducing apparatus has a control unit that executes, as a start-up process, a process of transmitting to the memory interface a revocation list set command, which is a command for setting a revocation list having identifier data of at least one of a data storage means or a content that is a processing prohibition target; and the memory interface, in response to receiving the revocation list set command,
- reads the revocation list into the memory interface and performs a revocation list set process enabling a reference process in the memory interface.
- the memory interface executes a data tampering check on a revocation list read into the memory interface based on a data tampering check value (ICV).
- ICV data tampering check value
- the present invention is characterized in that the revocation list set process enabling a reference process in the memory interface is executed on condition that it is determined that the data has not been tampered with.
- the memory interface receives a data storage means identifier from the data storage means in which the data to be reproduced is recorded, collates the received data storage means identifier with the identifiers listed in the revocation list set in the memory interface, and has a configuration to stop the data reproduction process when the identifiers match each other.
- the memory interface acquires the identifier of the content to be reproduced from the header information of the content stored in the data storage means, collates the acquired content identifier with the identifiers listed in the revocation list set in the memory interface, and, if the identifiers match each other, executes a process of stopping the data reproduction process.
- the revocation list has a configuration holding both identifier data of data storage means targeted for processing inhibition and of content targeted for processing inhibition.
- an eighth aspect of the present invention provides
- the data recording device is characterized in that the revocation list is held in a referable state across different processes.
- A revocation list storing identifier data of at least one of data storage means and content which is a processing prohibition target is set in the memory interface.
- the revocation list is read into the memory interface, and a revocation list set process enabling reference processing in the memory interface is performed.
- the memory interface performs a data tampering check based on a data tampering check value (ICV) on a revocation list read into the memory interface, and is configured to execute the revocation list set process that enables reference processing in the memory interface on condition that no data tampering is determined.
- ICV data tampering check value
- the memory interface receives a data storage unit identifier from the data storage unit on which data is to be recorded, is configured to collate the received data storage unit identifier against the identifiers listed in the revocation list set in the memory interface, and stops the data recording process when the identifiers match each other.
- the revocation list has a configuration in which both the identifiers of the data storage means identifiers for which processing is prohibited and the identifiers of the contents whose processing is prohibited are described.
- a ninth aspect of the present invention is a
- a data reproducing method for performing a reproducing process of content stored in a data storage means.
- the control unit executes, as a start-up process, a process of transmitting to the memory interface for accessing the data storage means a revocation list set command, which is a command for setting a revocation list containing identifier data of at least one of the data storage device and the content whose processing is prohibited; the memory interface, in response to receiving the revocation list set command, reads the revocation list into the memory interface and executes a revocation list set process enabling reference processing within the memory interface.
- a data tampering check based on a data tampering check value (ICV) is performed on the revocation list read into the memory interface, and the revocation list set process enabling a reference process in the memory interface is performed on condition that it is determined that there is no data tampering.
- ICV data tampering check value
- the method is characterized by including a step of receiving a data storage means identifier from the data storage means in which the data to be reproduced is recorded, collating the received data storage means identifier with the identifiers listed in the revocation list set in the memory interface, and, when the identifiers match, stopping the data reproduction process.
- the method is characterized by including a step of obtaining the identifier of the content to be reproduced from the header information of the content stored in the data storage means, comparing the obtained content identifier with the identifiers listed in the revocation list set in the memory interface, and, if the identifiers match, stopping the data reproduction process.
- a tenth aspect of the present invention provides:
- the method includes: executing, as a start-up process, a process of transmitting from the control unit to the memory interface for accessing the data storage means a revocation list set command, which is a command for setting a revocation list having identifier data of at least one of the data storage device and the content for which processing is prohibited; reading the revocation list into the memory interface in response to receiving the revocation list set command at the memory interface; executing a revocation list set process enabling reference processing in the memory interface; and determining whether data recording processing is possible by referring to the revocation list set in the memory interface.
- a data tampering check based on a data tampering check value (ICV) is performed on the revocation list read into the memory interface, and the revocation list set process enabling a reference process in the memory interface is performed on condition that a determination of no tampering has been made.
- the method is characterized in that it includes a step of receiving a data storage means identifier from the data storage means in which the data to be reproduced is recorded, checking the received data storage means identifier against the identifiers listed in the revocation list set in the memory interface, and stopping the data recording process if the identifiers match each other.
- an eleventh aspect of the present invention provides:
- a program providing medium for providing a program that causes a computer to execute a reproduction process of content stored in a data storage means. The computer program is
- first and second aspects of the present invention include:
- a data reproducing apparatus for executing a reproduction process of the content stored in the storage means.
- a memory interface for executing access to the data storage means; and a control unit for executing control of the memory interface.
- the memory interface comprises:
- the memory interface receives a data storage unit identifier from the data storage unit that stores the data to be reproduced, and compares the received data storage unit identifier with the identifiers listed in the revocation list. If the identifiers match, the data playback process is stopped, and
- the identifier of the content to be reproduced is obtained from the header information of the content stored in the data storage means, and the obtained content identifier is compared with the identifiers listed in the revocation list,
- the data reproducing apparatus is characterized in that it has a configuration for executing a process of stopping the data reproducing process when the identifiers match each other.
- the memory interface receives an identifier of a data storage unit which is a medium based on a media recognition command from the control unit, and has a configuration in which a collation process is performed between the received data storage unit identifier and the identifiers listed in the revocation list.
- the memory interface executes a mutual authentication process with a data storage unit, which is a medium, based on a media recognition command from the control unit.
- a data storage means identifier is received, and the received data storage means identifier is compared with the identifiers listed in the revocation list.
- the memory interface, based on a data reproduction request command from the control unit, acquires the content identifier stored in the header information of the content to be reproduced and collates the acquired content identifier with the identifiers listed in the revocation list.
- the memory interface executes a data tampering check based on a data tampering check value (ICV) on an update revocation list received from outside; when it is determined that the data has not been tampered with, it compares the version of the update revocation list received from outside with the version of the revocation list stored in the internal memory.
- the revocation list is updated by the update revocation list on condition that the version comparison confirms the update.
- a fifteenth aspect of the present invention provides:
- a memory interface for executing access to the data storage means, and a control unit for executing control of the memory interface;
- the memory interface comprises:
- An internal memory storing a revocation list having respective identifier data of the data storage device and the content which are subject to processing inhibition;
- the memory interface receives an identifier of the data storage means on which data is to be recorded, executes a comparison between the received identifier of the data storage means and the identifiers listed in the revocation list, and
- the data recording device is characterized in that it has a configuration for executing a process of stopping data recording when the identifiers match.
- the memory interface receives an identifier of a data storage unit which is a medium based on a media recognition command from the control unit, and performs a matching process between the received data storage unit identifier and the identifiers listed in the revocation list.
- the memory interface executes a mutual authentication process with a data storage unit, which is a medium, based on a media recognition command from the control unit.
- a data storage unit identifier is received, and the received data storage unit identifier is compared with an identifier listed in the revocation list.
- a data storage means identifier is received from the data storage means in which the data to be reproduced is recorded, the received data storage means identifier is compared with the identifiers listed in the revocation list, and when the identifiers match each other, the playback process is stopped, and
- the identifier of the content to be reproduced is obtained from the header information of the content stored in the data storage means, the obtained content identifier is compared with the identifiers listed in the revocation list, and when the identifiers match each other, the data reproducing method executes a process to stop the data reproduction process.
- the memory interface receives an identifier of a data storage unit as a medium based on a medium recognition command from a control unit, and a collation process is performed between the received data storage means identifier and the identifiers listed in the revocation list.
- the memory interface executes a mutual authentication process with data storage means as a medium based on a media recognition command from a control unit; in the authentication process, the data storage means identifier is received, and the received data storage means identifier is compared with the identifiers listed in the revocation list.
- the memory interface acquires the content identifier stored in the header information of the reproduction target content based on a data reproduction request command from a control unit, and a collation process is performed between the acquired content identifier and the identifiers listed in the revocation list.
- a sixteenth aspect of the present invention provides:
- a data recording method for executing a recording process of the content stored in the data storage means, and
- the data recording method is characterized by executing a process of stopping data recording when the identifiers match each other.
- the memory interface receives an identifier of a data storage unit as a medium based on a medium recognition command from a control unit, and a collation process is performed between the received data storage means identifier and an identifier listed in the revocation list. Further, in one embodiment of the data recording method of the present invention, the memory interface executes a mutual authentication process with the data storage means based on a media recognition command from a control unit, receives the data storage means identifier in the mutual authentication processing, and executes a collation processing of the received data storage means identifier with an identifier listed in the revocation list.
- a seventeenth aspect of the present invention provides:
- a data storage means identifier is received from the data storage means in which the data to be reproduced is recorded, and the received data storage means identifier is collated with the identifiers listed in the revocation list; if the identifiers match each other, the data reproduction process is stopped;
- the identifier of the content to be played back is obtained from the header information of the content stored in the data storage means, and the obtained content identifier is compared with the identifiers listed in the revocation list; if the identifiers match each other, the data reproduction process is stopped;
- a program providing medium characterized by having these steps.
- Further, an eighteenth aspect of the present invention provides:
- a program providing medium that provides a computer program for causing a computer to execute a recording process of content stored in a data storage unit; and the computer program includes:
- a step in which a memory interface for executing access to the data storage means receives an identifier of the data storage means on which data is to be recorded, and compares the received identifier of the data storage means with the list identifiers of the revocation list; and a step of stopping the data recording when the identifiers match each other.
- the program providing medium is, for example, a medium that provides a computer program in a computer-readable format to a general-purpose computer system that can execute various program codes.
- the form of the medium is not particularly limited; it may be a recording medium such as a CD, FD or MO, or a transmission medium such as a network.
- Such a program providing medium is defined as a structural or functional cooperative relationship between a computer program and the providing medium for realizing the functions of a predetermined computer program on a computer system. In other words, by installing the computer program in the computer system via the providing medium, a cooperative operation is exerted on the computer system, and the same operation and effect as in the other aspects of the present invention are obtained.
- FIG. 1 is a diagram illustrating the concept of using the data processing device of the present invention.
- FIG. 2 is a diagram showing a configuration of a device and a medium of the data processing device of the present invention.
- FIG. 3 is a diagram showing a configuration of a memory storage device of the data processing device of the present invention.
- FIG. 4 is a diagram showing a detailed structure of a memory interface of a device in the data processing device of the present invention.
- FIG. 5 is a diagram showing a data configuration of a status register of a memory interface in the data processing device of the present invention.
- FIG. 6 is a diagram showing a detailed configuration of data stored in a medium in the data processing device of the present invention.
- FIG. 7 is a diagram illustrating a configuration of a security header set in correspondence with contents stored in a medium in the data processing device of the present invention.
- FIG. 8 is a diagram illustrating two modes of data encryption in the data processing device of the present invention.
- FIG. 9 is a diagram showing a configuration of a revocation list in the data processing device of the present invention.
- FIG. 10 is a diagram for explaining a block permission table (BPT) in the data processing device of the present invention.
- FIG. 11 is a diagram showing a BPT storing process at the time of manufacturing the medium 1 in the data processing device of the present invention.
- FIG. 12 is a diagram showing a flow of the BPT storage processing at the time of manufacturing the medium 2 in the data processing device of the present invention.
- FIG. 13 is a diagram for explaining a specific example of a block permission table (BPT) in the data processing device of the present invention.
- FIG. 14 is a diagram illustrating a configuration of a falsification check value generation process in the data processing device of the present invention.
- FIG. 15 is a diagram for explaining a falsification check value verification processing flow in the data processing device of the present invention.
- FIG. 16 is a diagram showing a device startup flow in the data processing device of the present invention.
- FIG. 17 is a diagram illustrating a configuration example of a file allocation table in the data processing device of the present invention.
- FIG. 18 is a diagram showing a flow (part 1) at the time of media 1 recognition in the data processing apparatus of the present invention.
- FIG. 19 is a diagram showing a flow (part 2) at the time of media 1 recognition in the data processing device of the present invention.
- FIG. 20 is a diagram showing a flow (part 1) at the time of media 2 recognition in the data processing device of the present invention.
- FIG. 21 is a diagram showing a flow (part 2) at the time of media 2 recognition in the data processing device of the present invention.
- FIG. 22 is a diagram showing a mutual authentication processing sequence executed between a device and a medium in the data processing device of the present invention.
- FIG. 23 is a diagram showing a mutual authentication and key sharing processing flow (part 1) in the data processing device of the present invention.
- FIG. 24 is a diagram showing a flow (part 2) of a mutual authentication and key sharing process in the data processing device of the present invention.
- FIG. 25 is a diagram showing a flow of a file reading process in the data processing device of the present invention.
- FIG. 26 is a diagram showing a file write processing flow in the data processing device of the present invention.
- FIG. 27 is a diagram illustrating an encryption processing mode of data stored in a memory in the data processing device of the present invention.
- FIG. 28 is a diagram illustrating a triple DES applicable as an encryption processing mode of data stored in a memory in the data processing device of the present invention.
- FIG. 29 is a diagram illustrating an encryption processing mode of data stored in a memory in the data processing device of the present invention.
- FIG. 30 is a diagram for explaining a data encryption processing mode stored in a memory in the data processing apparatus of the present invention.
- FIG. 31 is a diagram for explaining a storage processing mode of a sector corresponding tampering check value in the data processing device of the present invention.
- FIG. 32 is a diagram for explaining an example of encryption processing of a sector-compatible content key and other keys in the data processing device of the present invention.
- FIG. 33 is a diagram for describing an example of decryption processing of a sector-corresponding content key and other keys in the data processing device of the present invention.
- FIG. 34 is a diagram for explaining an example of processing between a device and a medium for a sector-corresponding content key and other keys in the data processing apparatus of the present invention.
- FIG. 35 is a diagram showing a file decryption / read processing flow (part 1) in the data processing device of the present invention.
- FIG. 36 is a diagram showing a file decryption / read processing flow (part 2) in the data processing device of the present invention.
- FIG. 37 is a diagram showing a flow of decryption processing of a content key and the like in the data processing device of the present invention.
- FIG. 38 is a diagram illustrating a decryption processing flow of a content key and the like using the storage key of the media in the data processing device of the present invention.
- FIG. 39 is a diagram showing a decoding process flow (part 1) of sector data in the data processing device of the present invention.
- FIG. 40 is a diagram showing a decoding process flow (part 2) of sector data in the data processing device of the present invention.
- FIG. 41 is a diagram showing a file encryption / write processing flow (part 1) in the data processing device of the present invention.
- FIG. 42 is a diagram showing a file encryption / write processing flow (part 2) in the data processing device of the present invention.
- FIG. 43 is a diagram showing an encryption processing method for a content key and the like in the data processing device of the present invention.
- FIG. 44 is a diagram showing an encryption processing flow of a content key and the like using the storage key of the media in the data processing device of the present invention.
- FIG. 45 is a diagram showing a process flow (part 1) of encrypting sector data in the data processing device of the present invention.
- FIG. 46 is a diagram showing a process flow (part 2) of encrypting sector data in the data processing device of the present invention.
- FIG. 47 is a diagram showing a flow of updating a revocation list in the data processing device of the present invention.
- FIG. 1 shows the configuration of a content distribution system to which the data processing device of the present invention can be applied.
- content such as music data, image data, and other various programs is provided by a system operator such as a content holder or service provider 101 via a network such as the Internet, or is stored in a medium 103 that is one of various recording media such as a CD, DVD, flash memory or memory card, and is received by or attached to the device 102 and reproduced or executed.
- the device is a device having a content reproduction function, such as a personal computer (PC), a reproduction-only device or a game device, and has, for example, a display device for displaying image content and an input device for inputting user instructions.
- FIG. 2 shows a detailed configuration of a device for reproducing the content and a medium for storing the content in the configuration of such a content distribution system.
- FIG. 2 shows the detailed configuration of the device 200, the media 1 (210), and the media 2 (230).
- Media 1 (210) is a medium that has a control unit supporting only simple data reading and writing processes, and media 2 (230) is a medium that has a controller which executes mutual authentication with the device on which the medium is mounted and executes encryption processing of the content stored in the medium. Both media 1 (210) and media 2 (230) can be attached to the device 200.
- the device 200 in FIG. 2 has a communication unit 201 for executing data transmission / reception processing via data communication means such as the Internet, an input unit 202 for inputting various instructions, a display unit 203 for displaying messages, content and the like, a control unit 205 that executes these controls, a memory interface (I/F) unit 300 that has an interface function for data input / output processing with media, and a memory section 207 as an internal memory storing a content file group and a revocation list as invalidation information for invalid media or content.
- the data files such as the revocation list stored in the internal memory are managed by the file allocation table and are configured to be readable.
- the device 200 plays back content only after confirming, at the time of playback, that the content to be played back does not correspond to the revoked media or revoked content stored in the revocation list. If the playback target content is listed in the revocation list, a playback error occurs and the playback process is not executed. Reproduction processing using the revocation list will be described in detail later.
- Media 1 (210) has a control unit 211 for controlling data input / output and a memory unit 212 for storing the content.
- the memory unit 212 stores not only the content together with the corresponding header information, but also a media ID as unique identification information for each medium, and a BPT (Block Permission Table), which is an access permission table describing memory access control information.
- After recognizing the media, the file system of device 200 reads the BPT, which is an access permission table, from the media and transfers it to the memory interface 300, which directly accesses the media and manages the BPT. After receiving the BPT, the memory interface unit 300 verifies the falsification check value (ICV) of the received BPT, and the BPT is stored as valid only when the ICV is determined to be valid. When receiving an instruction to access the memory of the media, the memory interface unit 300 executes only the accesses permitted by the BPT of that media. The configuration of the BPT and the processing using the BPT will be described in detail later.
- media 2 (230) is composed of a controller 231 and a memory unit 232.
- the memory unit 232 stores content together with the corresponding header information, and further stores a BPT (Block Permission Table), which is an access permission table.
- the controller 231 has a memory interface (I/F) section 234 as an interface for storing data in the memory section 232 or reading data from it; an internal memory 235 that stores the media 2 ID as a media identifier, the authentication key Kake applied to mutual authentication processing, the storage key Ksto, which is the encryption key used when content is stored in the memory 232, the initial value (IV) used when encrypting keys, and so on; an encryption processing unit 236 that performs authentication processing or content encryption and decryption processing and has registers; and a control unit 233 that controls each unit.
- Fig. 3 shows the data storage configuration of each memory section of media 1 (210) and media 2 (230).
- the memory unit is, for example, a flash memory, which is a form of electrically erasable non-volatile memory called EEPROM (Electrically Erasable Programmable ROM).
- the flash memory has a plurality of blocks from 1 to N, and each block is composed of a plurality of sectors from 1 to M as shown in (b).
- Each sector is composed of a data section containing actual data and a redundant section containing redundant data such as error correction codes as shown in (c).
- the redundant portion of each sector may store an ICV as a sector data alteration check value.
- the memory interface (I/F) section 300 returns the contents of the status register.
- An instruction to execute the process of encrypting data based on the set header information and writing it to the specified sector.
- An instruction to execute the process of setting a revocation list, which is a list of illegal media and illegal content, in the memory interface.
- This register is used to save the internal status of the memory interface.
- Figure 5 shows an example of the status register configuration. Each bit has the following meaning.
- Bit 1 (bit 1): Read success flag (1: success, 0: fail). This bit is used to determine whether reading data from the memory succeeded.
- Bit 2 (bit 2): Write success flag (1: success, 0: fail). This bit is used to determine whether writing data to the memory succeeded.
- Bit 3 (bit 3): Media 1 set flag (1: set, 0: not set)
- This bit is used to determine whether the connected media 1 is available.
- Bit 4 (bit 4): Media 2 set flag (1: set, 0: not set)
- This bit is used to determine whether the connected media 2 is available.
- Bit 5 (bit 5): Media 1 valid flag (1: valid (OK), 0: invalid (NG))
- This bit is used to determine whether the identifier (ID) of the connected media 1 is set in the revocation list, that is, whether the media is excluded.
- Bit 7 (bit 7): Header set success flag (1: success, 0: fail). This bit is used to determine whether the header has been set in the memory interface.
- bit 8 (bit 8): header generation success flag (1: success, 0: failure (fail))
- This bit is used to determine whether header generation was successful.
- Bit 9 (bit 9): Revocation List set flag (1: set, 0: not set)
- This bit is used to determine whether the revocation list for updating is valid.
- the status register 301 holds the status information of the memory interface (I/F) section 300.
- Controls the memory interface, such as its various registers and transmission / reception buffers.
- the following data is stored in the memory section 321 as key information necessary for the encryption processing.
- Kdist: Delivery key included in the security header of content that is not stored in media 2. It encrypts the content ICV generation key Kicv_cont and the content key Kc.
- Kicv_sh: Security header ICV generation key, used when generating the ICV of the security header.
- IVsh: Initial value (IV) used when generating the ICV of the security header.
- MKake: Master key for mutual authentication.
- IVake: Initial value (IV) applied to the process of generating a key for mutual authentication.
- IVauth: Initial value (IV) for data generation at the time of mutual authentication.
- MKicv_rl: Master key for generating the ICV key of the revocation list.
- IVicv_rl: Initial value (IV) used when generating the ICV key of the revocation list.
- IVrl: Initial value (IV) used when generating the ICV of the revocation list.
- IV_keys: Initial value (IV) used when encrypting the content encryption key on media 2.
- MKicv_bpt: Master key for generating the ICV key of the BPT (Block Permission Table), which is access permission information.
- IVicv_bpt: Initial value (IV) used when generating the ICV key of the BPT (Block Permission Table), which is access permission information.
- IVbpt: Initial value (IV) for the BPT (Block Permission Table), which is access permission information.
- Input / output interface to external memory (media 1 and 2). Examples of the external memory include a memory card equipped with flash memory. Content, header information associated with content recording / reproduction, and the block permission table (BPT) are input / output via this external memory input / output interface.
- Input / output interface to internal memory. Through this interface, input / output of, for example, the revocation list stored in the internal memory is executed. From the external memory input / output interface 324 and the internal memory input / output interface 325, the following signals are output to the external memory (media 1, 2) or the internal memory according to the processing.
- WP: Write protect (applicable only to the external memory (media 1 and 2)).
- RDY/BUSY: Ready / busy.
- each content such as music data and image data is composed of a security header composed of various attribute information and a content as a real data portion.
- the flash memory of the media stores each pair of the security header part and the content part of a plurality of contents.
- the security header or content related to the same content should be stored in a single block, except where batch erasure processing is permitted. Therefore, different contents are not stored in one block.
- the security header is attribute information corresponding to each content.
- Figure 7 shows the data structure of the security header. Each data item will be described. • Format Version (Format Version)
- Indicates the encryption mode corresponding to the algorithm specified in Encryption Algorithm; for example, ECB mode or CBC mode.
- Type 1 or Type 2: Indicates the content encryption format.
- The format in which the entire content is encrypted with one content key Kc is referred to as type 1, and the format in which the content is encrypted by applying a different key Ksec_n to each sector of the content is referred to as type 2.
- Figure 8 shows the configuration of each type of encryption format.
- Figure 8 (a) shows the memory storage configuration of content encrypted in the type 1 encryption format, and (b) shows the memory storage configuration of content encrypted in the type 2 encryption format.
- the type 1 encryption format shown in Fig. 8 (a) has a configuration in which the whole content is encrypted using one content key Kc and stored in memory, that is, encryption processing that does not depend on the sector.
- the type 2 encryption format shown in Fig. 8 (b) has a configuration in which different sector keys Ksec_1 to Ksec_m are applied to the respective sectors of the flash memory and the encrypted content is stored, that is, sector-dependent encryption processing. For example, for sector 1 of the flash memory shown in FIG. 8 (b), Ksec_1 is set as the encryption key of sector 1, and the content stored in sector 1 of every block is encrypted by applying Ksec_1 and stored. Likewise, Ksec_m is set as the encryption key of sector m, and the content stored in sector m of each block is encrypted by applying Ksec_m and stored.
- Flag indicating whether each sector in the block is encrypted. It has as many flags as there are sectors in the block (for example, 32 sectors); for example, 0: non-encrypted sector, 1: encrypted sector. In this example, one block is set to 32 sectors.
- Flag indicating whether or not an ICV is added to each sector in the block. It has as many flags as there are sectors in the block (32 sectors); for example, 0: no ICV, 1: ICV present.
- Fig. 9 shows the structure of the revocation list. Hereinafter, each data item will be described.
- Revocation List ID: This is an ID as a unique identifier of the revocation list. • Revocation List Version:
- the revocation list is updated from time to time, and revocation information for newly invalidated media and content is added when it is updated.
- version information is set in a revocation list
- version information of a valid revocation list is set in a content header.
- the memory interface unit compares the version information of the current revocation list with the version information of the revocation list for updating, and permits the revocation list update only when it determines that the list for updating is a newer revocation list.
- a list of revoked media 1 identifiers.
- the revocation list in the present invention is composed of identifiers (IDs) of a plurality of types (media, content).
- Using the revocation list, which is the revocation information of contents and media, the memory interface unit checks the identifier (ID) of the media or content in use against the IDs listed in the revocation list, so that the use of inappropriate media and the reading of illegal content can be prohibited.
- the revocation list is set in the memory interface that directly accesses the external memory and the like. Once set, it can be used continuously at the memory interface whenever a medium is mounted or content is reproduced, so that processing such as repeatedly reading the list from the internal memory each time content is used is not required, and the processing is executed efficiently.
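The revocation-list behaviour described above, as an added example in Python that is not part of the patent or of any Sony implementation: the memory interface accepts a new list only when its ICV verifies and its version is newer than the one already set, and then collates media IDs at media recognition and content IDs at playback. The list layout, the constructed master key, and the HMAC-SHA256 stand-in for the DES-based ICV are assumptions.

```python
"""Revocation list handling in the memory interface (added example).

Assumptions (not from the patent): the list carries a list ID, a version,
a set of media IDs and a set of content IDs; the ICV is an HMAC-SHA256
over a canonical serialisation, standing in for the DES-based ICV that
the patent derives from MKicv_rl / IVicv_rl.
"""
import hashlib
import hmac
from dataclasses import dataclass, field
from typing import Optional, Set

# Constructed stand-in for the master key used for the revocation-list ICV.
MK_ICV_RL = b"constructed-master-key-for-rl-icv"


@dataclass
class RevocationList:
    list_id: int
    version: int
    media_ids: Set[bytes] = field(default_factory=set)
    content_ids: Set[bytes] = field(default_factory=set)

    def body(self) -> bytes:
        """Canonical, length-prefixed serialisation the ICV is computed over."""
        out = self.list_id.to_bytes(4, "big") + self.version.to_bytes(4, "big")
        for group in (self.media_ids, self.content_ids):
            out += len(group).to_bytes(2, "big")
            for ident in sorted(group):
                out += len(ident).to_bytes(1, "big") + ident
        return out

    def icv(self) -> bytes:
        """Integrity check value of the list (HMAC stands in for DES-MAC)."""
        return hmac.new(MK_ICV_RL, self.body(), hashlib.sha256).digest()


class MemoryInterface:
    """Holds the revocation list once set, so that later media recognition
    and playback requests collate against it without re-reading memory."""

    def __init__(self) -> None:
        self.rl: Optional[RevocationList] = None
        self.rl_set_flag = 0  # mirrors the 'Revocation List set' status bit

    def set_revocation_list(self, rl: RevocationList, icv: bytes) -> bool:
        # A list whose ICV does not verify is treated as tampered and rejected.
        if not hmac.compare_digest(icv, rl.icv()):
            return False
        # Only a strictly newer version may replace the list already set.
        if self.rl is not None and rl.version <= self.rl.version:
            return False
        self.rl = rl
        self.rl_set_flag = 1
        return True

    def media_valid(self, media_id: bytes) -> bool:
        """Media recognition: the 'media valid' flag is 0 when the ID is revoked."""
        if self.rl is None:
            raise RuntimeError("revocation list not set")
        return media_id not in self.rl.media_ids

    def content_playable(self, header_content_id: bytes) -> bool:
        """Playback request: the content ID is taken from the security header."""
        if self.rl is None:
            raise RuntimeError("revocation list not set")
        return header_content_id not in self.rl.content_ids


if __name__ == "__main__":
    # Constructed sample list: one revoked medium and one revoked content item.
    rl = RevocationList(1, 3, {b"MEDIA-0001"}, {b"CONTENT-0009"})
    mi = MemoryInterface()
    print("set:", mi.set_revocation_list(rl, rl.icv()))
    print("media 0001 valid:", mi.media_valid(b"MEDIA-0001"))
    print("content 0009 playable:", mi.content_playable(b"CONTENT-0009"))
```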
- In the PC, the file system of the OS has taken the initiative in reading and managing the access information table (e.g. File Allocation Table; FAT) stored on the recording media, and the file system could freely rewrite the contents of that access information table. For this reason, even with a recording medium that stores an access information table in which write protection is set, there is a possibility that the data in the recording medium can be rewritten by the file system reading and rewriting the access information table.
- the block permission table (BPT) employed in the data processing apparatus of the present invention is an access permission table of the medium itself, stored in a block whose rewriting by the device is prohibited.
- When the device executes data processing such as writing content data using media that stores the BPT, it sets the block permission table (BPT) in the memory interface of the device that directly accesses the media.
- FIG. 10 shows the structure of the block permission table (BPT).
- Number of Blocks: Indicates the total number of blocks handled in the BPT (Block Permission Table). As described above, flash memory is erased block by block; this field shows the number of blocks managed by the BPT.
- Block #1 - Block #n Permission Flag: Indicates the access restriction flag of each block. For example, a block with flag 0 is a non-erasable block, and a block with flag 1 is an erasable block.
- After recognizing the medium, the device file system reads the block permission table (BPT) from a medium such as a memory card equipped with flash memory, and transfers the BPT to the memory interface section that directly accesses the medium, where it is managed as the access permission table for that medium.
- the memory interface unit receives the access permission table and sets the BPT (e.g. in the memory unit 321 shown in FIG. 4). When the memory interface receives an instruction to access the memory of the medium, it executes only the accesses permitted by the access permission table of the medium.
- the block permission table (BPT) contains, for example, the permitted processing mode for each block in the flash memory of the media; specifically, settings such as erasable blocks, non-erasable blocks, reproducible blocks, and non-reproducible blocks are made.
- the memory interface determines whether or not processing is possible according to these BPT settings. The details of these processes will be described later.
- a tampering check value (ICV) is set in the block permission table (BPT) to prevent tampering. When the BPT is set in the memory interface, an ICV check is executed, and if it is determined that tampering has occurred, the BPT set processing is not executed. Therefore, creating and using an unauthorized access permission table is prevented.
- The ICV of the BPT is generated based on the media identifier (ID). Therefore, even if the access permission table is copied to another medium, it cannot be used on that medium.
- the generation of the ICV will be described later.
- the media is shipped with the block permission table (BPT) written in a predetermined block of the memory (e.g. flash memory) at the time of manufacture. At this time, for the block in the memory that stores the block permission table (BPT), a setting that disables block erasure is described in the block permission table (BPT).
- the device of the present invention has a configuration in which, in the process of erasing data stored in a medium, it refers to the BPT to determine whether or not each block set in the BPT is erasable, and then erases only the blocks that can be erased. Therefore, erasure and rewriting of the BPT are prevented for media whose BPT storage block has been set as non-erasable. The process of writing and playing files using the BPT in the media will be described later.
- Fig. 11 and Fig. 12 show the setting flow of the block permission table (BPT) during the production of media (data recording media with flash memory).
- FIG. 11 shows the flow of setting the block permission table (BPT) executed by the media creator for the type of media 1, which does not have a mutual authentication function.
- First, a medium that has not yet been initialized is prepared (S31), the ID stored in advance in the medium is read (S32), and an ICV generation key Kicv_bpt is generated based on the ID (S33).
- the expression means that the exclusive OR of the ID and the initial value IVicv_bpt is subjected to encryption processing in DES mode using the master key MKicv_bpt.
- Next, the necessary parameters are set in each field of the BPT (S34), an ICV is generated based on the BPT in which each parameter is set (the configuration of FIG. 14 described later is applied) (S35), and the generated ICV is set in the ICV field of the BPT (S36).
- the block permission table (BPT) thus constructed is written to the medium 1 (S37). Note that, as described above, the block to which the BPT is written is a block set as a non-erasable area in the BPT.
- FIG. 12 shows the setting flow of the block permission table (BPT) executed by the media creator for the type of media 2, which has the mutual authentication processing function. Each process will be described. First, mutual authentication processing and sharing of a session key are performed with the media 2 for which initialization has not yet been performed (for these processes, refer to the processing in FIG. 22 described later).
- Next, an ID read command is sent to the medium 2 (S41), the ID is read, and an ICV generation key Kicv_bpt based on the ID is generated (S42).
- the expression means that the exclusive OR of the ID and the initial value IVicv_bpt is subjected to encryption processing in DES mode using the master key MKicv_bpt.
- the necessary parameters are set in each field of the BPT (S45), an ICV is generated based on the BPT in which each parameter is set (the configuration of FIG. 14 described later is applied) (S46), and the generated ICV is set in the ICV field of the BPT (S47).
- the block permission table (BPT) constructed in this way is written to the medium (S48). The block to which the BPT is written is a block set as a non-erasable area in the BPT.
- FIG. 13 shows a specific example of the configuration of the block permission table (BPT).
- FIG. 13A shows the block configuration of the flash memory of media 1 and 2, and FIG. 13B shows the block permission table (BPT).
- The BPT holds a format version, a BPT ID and the number of blocks, then a flag for each block set to erasable (1) or non-erasable (0), and finally a value for checking the BPT itself for tampering (the ICV of the BPT).
- The block that stores the BPT in memory (block #2 in the example of FIG. 13) is set as a non-erasable area in the BPT, so the device cannot erase it and the BPT cannot be rewritten.
- The BPT of FIG. 13 only sets erasable (1) or non-erasable (0) for each block, so only erase processing is controlled. Alternatively, access permission may also cover reading (playback): for example, two bits per block can encode playback and erase disabled (11), playback enabled and erase disabled (10), playback disabled and erase enabled (01), and playback and erase enabled (00).
- the medium 2 has a control unit 231 in the medium, and can maintain the state of whether or not the block.
- In the above example the BPT is written through a media creator that can exchange commands with the media, but the BPT may instead be written to the media directly with a simple memory writer. In that case, too, the BPT storage block of the memory is set as a non-erasable area in the block permission table (BPT).
- Data is checked for tampering with an integrity check value (ICV).
- An integrity check value (ICV) is attached to the content stored in the data storage means, to the block permission table, to the revocation list and so on, and is used in the tampering check of each of them. For content, the ICV can be attached per unit of sector data. The specific form of the ICV processing for content, the block permission table, the revocation list and so on is described later.
- FIG. 14 shows an example of generating an integrity check value (ICV) with a DES encryption configuration.
- The message to be checked is divided into 8-byte units (the divided message blocks are referred to below as D0, D1, D2, ..., Dn-1).
- The data to be checked is, for example, the content itself, the configuration data of the BPT (the access permission table described above), or the configuration data of the revocation list.
- The initial value IV is exclusive-ORed with D0 to give I1; I1 is input to the DES encryption unit and encrypted with the ICV generation key Kicv (output E1).
- E1 is exclusive-ORed with D1, the result I2 is input to the DES encryption unit and encrypted with the ICV generation key Kicv (output E2), and so on through Dn-1; the final output En is the integrity check value (ICV).
- The legitimate ICV, generated when the content was created and guaranteed not to have been tampered with, is compared with the ICV' generated from the current data. If ICV = ICV', the message (the content, the BPT or the revocation list) is judged not to have been tampered with; if ICV ≠ ICV', it is judged to have been tampered with.
- FIG. 15 shows the data tampering check flow using the ICV.
- The data to be checked is extracted (S11) and ICV' is calculated from it, for example with the DES configuration of FIG. 14 (S12).
- The calculated ICV' is compared with the ICV stored with the data (S13). If the values match, the data is judged valid and untampered (S14 to S15); if they do not match, the data is judged to have been tampered with (S14 to S16).
- The master key and initial value from which the ICV generation key Kicv_rl for the revocation list is derived are stored in advance in memory section 321 (see FIG. 4) of the memory interface unit 300 of the device.
- The ICV generation key Kicv_bpt for the block permission table (BPT) is generated from a master key MKicv_bpt and an initial value IVicv_bpt, both stored in advance in memory section 321 of the memory interface unit 300 (see FIG. 4), and the identifier (ID) included in the attribute information of the BPT. Specifically, Kicv_bpt = DES(E, MKicv_bpt, ID XOR IVicv_bpt).
- This expression means that the exclusive OR of the ID of the BPT and the initial value IVicv_bpt is encrypted in DES mode with the master key MKicv_bpt.
- The ICV of the block permission table (BPT) is then calculated by the ICV generation configuration of FIG. 14, applying the key Kicv_bpt generated in this way with the initial value IVbpt (stored in memory section 321).
- Because the ICV stored as supplementary information of the BPT is generated from the BPT data together with the identifier (ID) of the media storing the BPT, the BPT ICV check verifies not only that the BPT data has not been tampered with but also that the BPT is the legitimate one for that media, that is, that it has not been copied from other media.
- The ICV generation key Kicv_cont for checking content in sector units is stored in encrypted form in the header (security header) of the content.
- It is obtained by a DES decryption process in CBC mode, executed in the cryptographic processing section 320 of the memory interface (see FIG. 4) or, after mutual authentication with media 2, by the controller 231 of media 2. These processes are described in detail later using the flows.
- FIG. 16 shows the processing of the control unit 205 of the device 200 of FIG. 2 on the left and the processing of the memory interface unit 300 on the right.
- At the start of processing the status register of the memory interface unit 300 holds: busy flag: 0 (standby), revocation list set flag: 0 (not set).
- The control unit sends a file allocation table call command for the internal memory to the memory interface (S101).
- The memory interface sends a file allocation table read command to the internal memory of the device (S102), receives the file allocation table from the internal memory, and passes it to the control unit (S103).
- The file allocation table manages the data files, such as the various contents and the revocation list, stored in the internal memory or in an external memory accessible to the device. As shown in FIG. 17, it associates directory, file name and storage sectors. The device accesses each file on the basis of the file allocation table.
- Upon receiving the file allocation table for the data stored in the internal memory (S104), the control unit reads the revocation list on the basis of the table (S105) and sends a revocation list set command together with the revocation list to the memory interface (S106).
- The revocation list set processing is executed only when the revocation list is valid. Once the list is set, the content or media identifier read from the media during content processing and the like is compared with the identifiers listed in the list. These processes are described later.
- Upon receiving the revocation list set command and the list, the memory interface sets the busy flag of the status register to 1 (busy). It then generates the ICV generation key Kicv_rl for checking the revocation list for tampering (S109).
- The ICV generation key Kicv_rl for the revocation list is generated from the master key MKicv_rl for the revocation list ICV key, stored in advance in the device, the initial value IVicv_rl, and the version of the revocation list:
- Kicv_rl = DES(E, MKicv_rl, Version XOR IVicv_rl).
- This expression means that the exclusive OR of the version (Version) and the initial value IVicv_rl is encrypted in DES mode with the master key MKicv_rl.
- The memory interface generates the ICV' of the revocation list with the generated ICV generation key Kicv_rl and compares it with the correct ICV stored in the revocation list in advance (ICV' = ICV?) (S110).
- The ICV' is generated by the DES configuration of FIG. 14 described above, applying the generated ICV generation key Kicv_rl with the initial value IVrl.
- If the values match, the revocation list is judged legitimate and untampered, and is put in a state in which it can be referred to during content read processing and the like; the revocation list set flag is set to 1 (set) (S111).
- The revocation list is held in memory inside the memory interface (for example memory section 321, see FIG. 4).
- When the transmission/reception control section 306 receives a media recognition command from the control section 205 (see FIG. 2), the media identifiers in the set revocation list are compared with the identifier of the media attached to the device; when it receives a content read command from the control section 205, the content identifiers in the set revocation list are compared with the identifier of the content to be read.
- The revocation list is thus set in the memory interface, which accesses the external memory directly, and once set it is used continuously in the memory interface when media are loaded and content is played back. This removes the need to read the list from the internal memory again each time content is used, so the processing is efficient.
- The control unit sends a status read command to the memory interface (S114) and, on condition that the busy flag has become 0 (S115), saves the revocation list set flag (S116).
- The saved revocation list set flag is 1, indicating that the list has been set as valid, if the list was judged not to have been tampered with, and 0 otherwise.
- In the media 1 confirmation flow, the processing of the control unit 205 of the device 200 of FIG. 2 is shown on the left and the processing of the memory interface unit 300 on the right.
- At the start of processing the status register of the memory interface unit 300 holds: busy flag: 0 (standby), media 1 valid flag: 0 (invalid), media 1 set flag: 0 (not set).
- The control unit recognizes that the medium mounted on the device is medium 1 (S201).
- Media identification is based on mechanical information derived from a preset media shape, or on communication between the device and the media.
- The control unit sends a medium 1 recognition command to the memory interface (S202).
- Upon receiving the medium 1 recognition command from the control unit (S203), the memory interface sets the busy flag of the status register to 1 (busy) (S204), sends a read command for the identifier (ID) of medium 1 to medium 1 (S205), and receives the ID (S206). It then compares the received ID of medium 1 with the list of revoked (excluded) media 1 in the revocation list that has already been set (S207). The revocation list was set in the memory interface at start-up, as described in the start-up flow of FIG. 16, and remains available continuously.
- If no ID matching the received ID exists in the list, the mounted medium 1 is judged not to be revoked but to be a usable medium (No in S208); the media 1 valid flag is set to 1 (valid) (S209) and the busy flag is set to 0 (standby) (S210).
- If an ID matching the received ID exists in the revocation list (Yes in S208), the mounted medium 1 is judged to be revoked and unusable; in step S210 the busy flag is set to 0 (standby) without setting the valid flag, and the processing ends.
- In step S211 the control unit sends a status read command to the memory interface, confirms that the busy flag has become 0 (standby) (S212), and then checks the media valid flag. Only if it is valid (flag: 1) does the processing continue (Yes in S213); if it is invalid (flag: 0) (No in S213), the processing ends.
- The control unit sends a file allocation table call command for media 1 to the memory interface (S221). The memory interface sends a read command for the sectors holding the file allocation table to medium 1 (S222), receives the file allocation table from medium 1, and passes it to the control unit (S223).
- Upon receiving the file allocation table for the data stored in medium 1 (S224), the control unit reads the block permission table (BPT) on the basis of the table (S225) and sends a BPT set command together with the BPT to the memory interface (S226).
- The BPT set processing is executed only when the BPT is valid. Once the BPT is set, whether each block may be erased is determined by referring to the BPT during content processing such as writing content to the media. Data write processing that refers to the BPT is described later.
- Upon receiving the block permission table (BPT) set command and the BPT from the control unit (S227), the memory interface sets the busy flag of the status register to 1 (busy) (S228) and generates the ICV generation key Kicv_bpt for checking the BPT for tampering (S229).
- The ICV generation key Kicv_bpt for the BPT is generated from the master key MKicv_bpt for the BPT ICV key, stored in advance in the device, the initial value IVicv_bpt for BPT ICV key generation, and the media ID: Kicv_bpt = DES(E, MKicv_bpt, ID XOR IVicv_bpt).
- This expression means that the exclusive OR of the media 1 ID and the initial value IVicv_bpt is encrypted in DES mode with the master key MKicv_bpt.
- The ICV' is generated by the DES configuration of FIG. 14, applying the generated ICV generation key Kicv_bpt with the initial value IVbpt, and compared with the ICV stored in the BPT.
- Because the ICV stored as BPT supplementary information is generated from data that includes the media ID, the ICV check verifies not only that the BPT data has not been tampered with but also that the BPT is the legitimate one for this particular media, that is, that it has not been copied from another medium.
- If ICV' = ICV (Yes in S231), the BPT is judged to be legitimate, untampered and stored on valid media, and can be referred to in content processing and the like.
- The control unit sends a status read command to the memory interface (S234) and, on condition that the busy flag has become 0 (Yes in S235), saves the media 1 set flag (S236).
- The saved media 1 set flag is 1, indicating that media 1 has been set as valid, if the BPT was judged not to have been tampered with, and 0 otherwise.
- Media 2 is media that performs mutual authentication with the device, as described above.
- Steps S301 to S304 of FIG. 20 are the same as steps S201 to S204 of the media 1 confirmation processing, and their description is omitted.
- In step S305 the memory interface executes mutual authentication with medium 2.
- FIG. 22 shows the processing sequence of the mutual authentication method of ISO/IEC 9798-2 using a common key cryptosystem.
- DES is used here as the common key cryptosystem, but any other common key cryptosystem can be used.
- First, B generates a 64-bit random number Rb and sends Rb and its own ID, ID(b), to A.
- Upon receiving these, A generates a new 64-bit random number Ra, encrypts Ra, Rb and ID(b) in that order with the key Kab in DES CBC mode, and returns the result to B.
- The key Kab is a secret key shared by A and B as their common authentication key.
- Concretely, the initial value is exclusive-ORed with Ra and encrypted with Kab in the DES encryption unit to produce the ciphertext E1; E1 is exclusive-ORed with Rb and encrypted with Kab to produce E2; and E2 is exclusive-ORed with ID(b) and encrypted with Kab to produce E3. The transmitted data Token-AB is E1 || E2 || E3.
- B decrypts the received data with the authentication key Kab, which B also holds in its storage element as the common secret key.
- The received data is decrypted as follows. First, the ciphertext E1 is decrypted with the authentication key Kab and exclusive-ORed with the initial value to obtain Ra. Next, E2 is decrypted with Kab and exclusive-ORed with E1 to obtain Rb. Finally, E3 is decrypted with Kab and exclusive-ORed with E2 to obtain ID(b). Of the Ra, Rb and ID(b) obtained in this way, Rb and ID(b) are checked against the values B transmitted. If this check passes, B authenticates A as valid.
- B then generates a session key Kses, to be used after authentication, from a random number, encrypts Rb, Ra and Kses in that order with the authentication key Kab in DES CBC mode, and returns the result to A.
- A decrypts the received data with the authentication key Kab; the decryption is the same as B's decryption processing above.
- Of the Rb, Ra and Kses obtained in this way, Rb and Ra are checked against the values A transmitted. If this check passes, A authenticates B as valid.
- After authentication, the session key Kses is used as the common key for secret communication.
- FIG. 23 and FIG. 24 show the flow of mutual authentication and key (session key) sharing between the device and the media of the present invention.
- The left side shows the processing of the memory interface of the device, and the right side the processing of the controller of media 2.
- The media 2 controller generates a random number Ra (S401) and sends Ra and its own media 2 ID to the device memory interface (S402).
- The device memory interface receiving these (S403) applies DES encryption with its own authentication-key generation master key MKake to the exclusive OR of the received media 2 ID and the initial value IVake, and so generates the authentication key Kake (S404).
- The device memory interface then generates a new random number Rb (S405), exclusive-ORs the initial value IVauth with Rb and encrypts the result with the key Kake to produce the ciphertext E1; exclusive-ORs E1 with Ra and encrypts with Kake to produce E2; and exclusive-ORs E2 with the media 2 ID and encrypts with Kake to produce E3 (S406). The generated data E1 || E2 || E3, where || denotes concatenation, is sent to media 2.
- The media 2 controller receiving this decrypts the received data with the authentication key Kake (S409).
- The ciphertext E1 is decrypted with Kake and exclusive-ORed with the initial value to obtain the random number Rb'; E2 is decrypted with Kake and exclusive-ORed with E1 to obtain Ra'; and E3 is decrypted with Kake and exclusive-ORed with E2 to obtain the media 2 ID'.
- Of the Ra', Rb' and media 2 ID' obtained in this way, Ra' and the media 2 ID' are checked against the values media 2 transmitted (S410, S411). If this check passes, media 2 authenticates the device as valid. If Ra' and the media 2 ID' do not match the transmitted data, mutual authentication is deemed to have failed (S413) and subsequent data communication is stopped.
- The media 2 controller then generates a random number as the session key Kses to be used after authentication (S412).
- Ra, Rb and Kses are encrypted with the authentication key Kake in DES CBC mode and sent to the device memory interface (S422).
- The device memory interface receiving this decrypts the received data with the authentication key Kake (S424) and checks that the Ra'' and Rb'' obtained match the values the device transmitted (S425, S426). If this check passes, the device authenticates media 2 as valid (S427).
- The session key Kses is then shared (S429) and used as the common key for secret communication after authentication. If Ra'' and Rb'' do not match the transmitted data, mutual authentication is deemed to have failed (S428) and subsequent data communication is stopped.
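- The ICV generation of FIG. 14 and FIG. 15 (with the media-bound key derivation described for the BPT) and the device-media handshake of FIG. 22 to FIG. 24 are all built from the same DES CBC chain, so the following single example covers both passages. It is an added illustration, not code from the patent: an 8-round Feistel network with a SHA-256 round function stands in for DES (it is not DES and carries no security claim; it only makes the chain invertible so the example runs offline), the master keys, initial values and media IDs are constructed values, IDs are assumed to be 8 bytes, the token layouts follow FIG. 22 (Rb || Ra || ID from the device, Ra || Rb || Kses from the media), and the names seal_bpt, check_bpt, Media2, DeviceInterface and mutual_auth are the example's own.

```python
import hashlib
import os
BLOCK = 8  # 64-bit blocks: the DES block size the patent's flows work in

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _round(key: bytes, half: bytes, i: int) -> bytes:
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def block_encrypt(key: bytes, block: bytes) -> bytes:
    # Stand-in for DES (8-round Feistel, SHA-256 round function) so the CBC chains run offline.
    l, r = block[:4], block[4:]
    for i in range(8):
        l, r = r, xor(l, _round(key, r, i))
    return r + l

def block_decrypt(key: bytes, block: bytes) -> bytes:
    r, l = block[:4], block[4:]
    for i in reversed(range(8)):
        l, r = xor(r, _round(key, l, i)), l
    return l + r

def cbc_encrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    # The chain of FIG. 14 and FIG. 22: I1 = IV ^ D0, E1 = E(K, I1), I2 = E1 ^ D1, ...
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        prev = block_encrypt(key, xor(prev, data[i:i + BLOCK]))
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key: bytes, iv: bytes, data: bytes) -> bytes:
    out, prev = [], iv
    for i in range(0, len(data), BLOCK):
        out.append(xor(block_decrypt(key, data[i:i + BLOCK]), prev))
        prev = data[i:i + BLOCK]
    return b"".join(out)

def derive_key(master_key: bytes, iv: bytes, ident: bytes) -> bytes:
    # K = DES(E, MK, ID ^ IV): the Kicv_bpt, Kicv_rl and Kake derivations (8-byte ID assumed).
    return block_encrypt(master_key, xor(ident, iv))

def icv(key: bytes, iv: bytes, message: bytes) -> bytes:
    # FIG. 14: the ICV is the last CBC output block E_n, i.e. a CBC-MAC over whole blocks.
    assert len(message) % BLOCK == 0, "message must be a multiple of 8 bytes"
    return cbc_encrypt(key, iv, message)[-BLOCK:]

# Constructed device secrets standing in for memory section 321 of the patent.
MK_ICV_BPT, IV_ICV_BPT, IV_BPT = b"mk-icv-bpt", b"\x11" * 8, b"\x22" * 8
MK_AKE, IV_AKE, IV_AUTH = b"mk-ake", b"\x33" * 8, b"\x44" * 8

def seal_bpt(bpt_body: bytes, media_id: bytes) -> bytes:
    # Media creator, FIG. 11/12 (S33-S36): ICV under a key bound to the media ID.
    return bpt_body + icv(derive_key(MK_ICV_BPT, IV_ICV_BPT, media_id), IV_BPT, bpt_body)

def check_bpt(bpt_with_icv: bytes, media_id: bytes) -> bool:
    # Device, FIG. 15 (S11-S16): recompute ICV' with the ID of the media the BPT was read from.
    body, stored = bpt_with_icv[:-BLOCK], bpt_with_icv[-BLOCK:]
    return icv(derive_key(MK_ICV_BPT, IV_ICV_BPT, media_id), IV_BPT, body) == stored

def split3(data: bytes):
    return data[:BLOCK], data[BLOCK:2 * BLOCK], data[2 * BLOCK:3 * BLOCK]

class AuthError(Exception):
    pass

class Media2:
    # Media 2 controller: holds its own ID and the Kake provisioned for that ID.
    def __init__(self, media_id: bytes, kake: bytes):
        self.id, self.kake, self.ra, self.kses = media_id, kake, None, None
    def start(self):  # S401-S402: Ra and the media ID go to the device
        self.ra = os.urandom(BLOCK)
        return self.ra, self.id
    def respond(self, token: bytes) -> bytes:  # S409-S412
        rb, ra, mid = split3(cbc_decrypt(self.kake, IV_AUTH, token))
        if ra != self.ra or mid != self.id:
            raise AuthError("device failed authentication (S413)")
        self.kses = os.urandom(BLOCK)
        return cbc_encrypt(self.kake, IV_AUTH, ra + rb + self.kses)

class DeviceInterface:
    # Device memory interface: derives Kake from the media ID and master key MKake.
    def __init__(self, mk_ake: bytes):
        self.mk_ake, self.kses = mk_ake, None
    def challenge(self, ra: bytes, media_id: bytes) -> bytes:  # S403-S406
        self.kake = derive_key(self.mk_ake, IV_AKE, media_id)
        self.ra, self.rb = ra, os.urandom(BLOCK)
        return cbc_encrypt(self.kake, IV_AUTH, self.rb + ra + media_id)
    def finish(self, token: bytes) -> bytes:  # S424-S429
        ra, rb, kses = split3(cbc_decrypt(self.kake, IV_AUTH, token))
        if ra != self.ra or rb != self.rb:
            raise AuthError("media failed authentication (S428)")
        self.kses = kses
        return kses

def mutual_auth(device: DeviceInterface, media: Media2) -> bytes:
    ra, mid = media.start()
    return device.finish(media.respond(device.challenge(ra, mid)))
```

- Running check_bpt on a sealed BPT with the ID of the media it was created for returns True; the same bytes presented with another media ID, or with one byte of the body changed, return False, which is the media-binding property described above. mutual_auth(DeviceInterface(MK_AKE), Media2(media_id, derive_key(MK_AKE, IV_AKE, media_id))) returns the shared Kses, while a media whose ID does not correspond to the Kake it holds raises AuthError on the media side. Two caveats worth keeping in mind: a raw CBC-MAC of this form is only sound for messages of a fixed length, so the design depends on the BPT and sector formats being fixed-size; and because Kake is derived deterministically from the media ID, a clone that copies both the ID and Kake passes the handshake, only an ID/key mismatch is detected.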
- In step S305 the mutual authentication and key sharing processing described above is executed.
- In step S306, once mutual authentication is confirmed to have succeeded, the ID of media 2 received during the mutual authentication is compared with the list of revoked (excluded) media 2 in the revocation list that has already been set (S307).
- If no ID matching the received ID exists in the list, the mounted medium 2 is judged not to be revoked but to be a usable medium (No in S308), and the media 2 valid flag of the status register is set to 1 (valid) before the busy flag is returned to 0 (standby). If a matching ID exists (Yes in S308), the medium is judged to be revoked; the busy flag is returned to 0 without setting the valid flag, and the processing ends.
- In step S311 the control unit sends a status read command to the memory interface, confirms that the busy flag has become 0 (standby) (S312), and then checks the media valid flag. Only if it is valid (flag: 1) does the processing continue (Yes in S313); if it is invalid (flag: 0) (No in S313), the processing ends.
- The control unit sends a file allocation table call command for media 2 to the memory interface (S321). The memory interface sends a read command for the sectors holding the file allocation table to medium 2 (S322), receives the file allocation table from medium 2, and passes it to the control unit (S323).
- Upon receiving the file allocation table for the data stored in medium 2 (S324), the control unit reads the block permission table (BPT) on the basis of the table (S325) and sends a BPT set command together with the BPT to the memory interface (S326).
- The BPT set processing is executed only when the BPT is valid. Once the BPT is set, whether each block may be erased is determined by referring to the BPT during content processing such as writing content to the media. Data write processing that refers to the BPT is described later.
- Upon receiving the BPT set command and the BPT, the memory interface sets the busy flag of the status register to 1 (busy) (S328) and generates the ICV generation key Kicv_bpt for checking the BPT for tampering (S329).
- Kicv_bpt = DES(E, MKicv_bpt, ID XOR IVicv_bpt): the exclusive OR of the media 2 ID and the initial value IVicv_bpt is encrypted in DES mode with the master key MKicv_bpt.
- The memory interface generates the ICV' of the BPT with the generated ICV generation key Kicv_bpt and the initial value IVbpt, and compares it with the correct ICV stored in the BPT in advance.
- The ICV' is generated by the DES configuration of FIG. 14, applying the generated ICV generation key Kicv_bpt with the initial value IVbpt.
- Because the ICV stored as supplementary information of the BPT is generated from data that includes the media 2 ID, the ICV check verifies not only that the BPT has not been altered but also that the BPT is the legitimate one for this particular media, that is, that it has not been copied from other media.
- If ICV' = ICV (Yes in S331), the BPT is judged to be legitimate, untampered and stored on valid media, and can be referred to in content processing and the like.
- The control unit sends a status read command to the memory interface (S334) and, on condition that the busy flag has become 0 (Yes in S335), saves the media 2 set flag (S336).
- The saved media 2 set flag is 1, indicating that media 2 has been set as valid, if the BPT was judged not to have been tampered with, and 0 otherwise.
- Data files include content data such as music data and image data, as well as the revocation list described above.
- The flow of FIG. 25 is the common processing flow for reading a data file stored in either the internal memory or the external memory (media 1, media 2).
- The left side shows the processing of the control unit of the device, and the right side the processing of the memory interface of the device.
- The control unit obtains the sector addresses (S(1) to S(k)) of the data to be read from the file allocation table (see FIG. 17) (S501) and sends read commands for the obtained sectors S(i) to the memory interface in turn (S502, S503).
- On receiving a sector S(i) read command, the memory interface sets the busy flag to 1 (busy) (S505) and determines whether the received sector S(i) is in the internal memory or in an external memory (S506).
- If it is in an external memory, the memory interface checks that the set flag of the medium holding sector S(i) is 1 (S507) and then, referring to the block permission table (BPT), determines whether sector S(i) lies in a block for which reading is permitted (S508). If so, the data of the sector is read from the external memory (S509). If the data to be read is in the internal memory, which is not managed by a BPT, steps S507 and S508 are skipped.
- If the determination in step S507 or S508 is No, that is, if the set flag of the medium holding sector S(i) is not 1 or read permission for sector S(i) is not set in the BPT, the flow advances to step S513 and the read success flag is set to 0 as a read error.
- When steps S506 to S508 determine that the target sector S(i) can be read, the sector is read from the memory together with the redundant part set for that sector, error correction based on the error correction code is executed (S510), and if the error correction succeeds (S511) the read success flag is set to 1 (success), the read data is stored in the buffer (S512), and the busy flag is set to 0 (standby). If error correction fails, the read success flag is set to 0 (failure) (S513) and the processing ends.
- The control unit reads the status of the memory interface and, on condition that the busy flag is 0 and the read success flag is 1, takes the read data from the buffer and saves it. It then increments the sector address and repeats the read, fetch and save; after all target sectors have been saved, the file is assembled from the sector data and the processing ends.
- FIG. 26 is the common processing flow for writing a file to either the internal memory or the external memory (media 1, media 2).
- The left side shows the processing of the control unit of the device, and the right side the processing of the memory interface of the device.
- The control unit divides the file to be written into sectors; the divided data are D(1) to D(k).
- The control unit assigns a write sector S(i) to each data item D(i) and sends a sector S(i) write command together with the data D(i) to the memory interface in turn (S602 to S604).
- On receiving a sector S(i) write command (S605), the memory interface sets the busy flag to 1 (busy) (S606) and determines whether the received sector S(i) is in the internal memory or in an external memory (S607). If it is in an external memory, it checks that the set flag of medium 1 or medium 2 is 1 (indicating that the medium was set as valid) (S608) and, if the set flag is 1, refers to the block permission table (BPT) to determine whether sector S(i) lies in a block for which writing is permitted (S609).
- If writing is permitted, an error correction code is generated for the sector (S610), the data D(i) and the error correction code are written to sector S(i) and its redundant part, the write success flag is set to 1 (success), and the busy flag is set to 0 (standby) (S614).
- If the sector is in the internal memory, steps S608 and S609 are skipped. If the determination in step S608 or S609 is No, that is, if the set flag of the medium is not 1 or write permission for sector S(i) is not set in the BPT, the flow advances to step S613 and the write success flag is set to 0 as a write error.
- In steps S616 to S620 the control unit reads the status of the memory interface and, on condition that the busy flag is 0 and the write success flag is 1, increments the address and sends the next write data to the memory interface in turn.
- After all sectors are written, the file allocation table is updated (S621) and sent to the memory interface together with an update command (S622); the memory interface writes the updated file allocation table (S623).
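- As an added example (not code from the patent) of the read gating of FIG. 25 and the write gating of FIG. 26 against the two-bit BPT variant of FIG. 13: the memory-interface side refuses a sector unless the medium's set flag is 1 (that is, its BPT passed the ICV check) and the BPT permits the operation for the block containing the sector. The block geometry (4 sectors per block, 16-byte sectors), the CRC-32 that stands in for the error-correction code in the redundant part, and the names BPT, Media, read_sector, write_sector and write_file are the example's own assumptions; write permission is treated as erase permission because flash must be erased before it is rewritten, which is how the BPT set processing above describes the write-time check.

```python
import zlib

# Two-bit permission codes of the FIG. 13 variant: bit 1 set = playback (read)
# disabled, bit 0 set = erase disabled; 11 denies both, 00 permits both.
READ_DENY, ERASE_DENY = 0b10, 0b01
SECTORS_PER_BLOCK, SECTOR_BYTES = 4, 16   # constructed geometry, not the patent's


class BPT:
    """Block permission table: header fields plus one 2-bit code per block."""

    def __init__(self, num_blocks: int, bpt_block: int, bpt_id: int = 1):
        self.format_version, self.bpt_id = 1, bpt_id
        self.codes = [0b00] * num_blocks
        # The block holding the BPT itself is always marked non-erasable.
        self.codes[bpt_block] |= ERASE_DENY

    def may_read(self, block: int) -> bool:
        return not self.codes[block] & READ_DENY

    def may_erase(self, block: int) -> bool:
        # Flash must be erased before it is rewritten, so "writable" means erasable.
        return not self.codes[block] & ERASE_DENY


class Media:
    """External memory with its BPT and the 'media set flag' of the status register."""

    def __init__(self, bpt: BPT):
        self.bpt, self.set_flag, self.sectors = bpt, 0, {}


def read_sector(media: Media, sector: int):
    """FIG. 25, memory-interface side: the sector data, or None for read success flag 0."""
    if media.set_flag != 1:                                  # S507: BPT never validated
        return None
    if not media.bpt.may_read(sector // SECTORS_PER_BLOCK):  # S508: BPT denies playback
        return None
    stored = media.sectors.get(sector)
    if stored is None:
        return None
    data, redundant = stored[:SECTOR_BYTES], stored[SECTOR_BYTES:]
    # S510/S511: a CRC-32 stands in for the error-correction code in the redundant part.
    if zlib.crc32(data).to_bytes(4, "big") != redundant:
        return None
    return data


def write_sector(media: Media, sector: int, data: bytes) -> bool:
    """FIG. 26, memory-interface side: returns the write success flag."""
    if len(data) != SECTOR_BYTES:
        raise ValueError("exactly one sector of data expected")
    if media.set_flag != 1:                                   # S608
        return False
    if not media.bpt.may_erase(sector // SECTORS_PER_BLOCK):  # S609
        return False
    media.sectors[sector] = data + zlib.crc32(data).to_bytes(4, "big")  # S610-S612
    return True


def write_file(media: Media, first_sector: int, payload: bytes) -> list:
    """Control-unit side of FIG. 26: split into sectors and write them in order."""
    written = []
    for i in range(0, len(payload), SECTOR_BYTES):
        chunk = payload[i:i + SECTOR_BYTES].ljust(SECTOR_BYTES, b"\x00")
        sector = first_sector + i // SECTOR_BYTES
        if not write_sector(media, sector, chunk):
            break                                             # S613: stop on a write error
        written.append(sector)
    return written
```

- With BPT(num_blocks=8, bpt_block=2), a write to any sector of block 2 returns False even after the set flag is raised, a write anywhere else returns False while the set flag is still 0, and a stored sector whose bytes are altered reads back as None because the redundant part no longer matches, which is the path FIG. 25 takes to read success flag 0.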
- Next, encryption using an encryption key that depends on the sector position is described.
- Encryption may be applied to the content part.
- If the entire content part were encrypted with a single encryption key, a large amount of ciphertext under the same key would be generated, which risks making attacks easier.
- In this system the minimum unit of content encryption is a sector; the encryption block size is 8 bytes (for DES) or 16 bytes.
- Key information for M keys, M being the number of sectors per block of the media, is stored in the security header (see FIG. 7) that forms the attribute information of each content described above, and these keys are applied as the encryption keys of the individual sectors (see FIG. 8).
- Kc_Encrypted0 to Kc_Encrypted31 in the security header of FIG. 7 are 32 encryption keys Kc; "Encrypted" indicates that each key Kc is stored in encrypted form.
- A key is selected from these keys according to the position of the sector within the block and used as the encryption key for that sector.
- FIG. FIG. 27 shows the key storage configuration in the security header generated corresponding to the content as the header information of the content, and the correspondence between each stored key and each sector in the memory to which each key is applied.
- FIG. FIG. 27 (a) is a simplified diagram of the key storage configuration in the security header described above with reference to FIG.
- M content keys Kc(0) to Kc(M-1) are stored.
- various other information such as the version and content type is stored, and an ICV for checking tampering of the header information is stored as well.
- the security of the stored data is enhanced by storing the data by applying different encryption keys corresponding to the sectors.
- with a single key, the entire content can be decrypted if that key leaks, whereas with this configuration the leakage of one key cannot decrypt the entire data.
- single DES, which executes DES encryption using one key, may be applied, or an encryption configuration using triple DES (Triple DES) with two or more keys may be applied.
- FIG. 28 shows a detailed configuration example of Triple DES.
- Triple DES typically has the following two modes.
- FIG. 28 (a) shows an example using two encryption keys: an encryption process using key 1, a decryption process using key 2, and an encryption process using key 1 are performed in this order, so the two keys are used in the order K1, K2, K1.
- Fig. 28 (b) shows an example using three encryption keys: encryption using key 1, encryption using key 2, and encryption using key 3 are performed in this order, all three stages being encryption, so the three keys are used in the order K1, K2, K3.
- Figure 29 shows a configuration in which a different pair of two encryption keys is applied to each sector of the data stored in the memory and triple DES encryption is performed.
- sector 0 of each block uses two keys, keys Kc (0) and Kc (1).
- sector s performs triple DES encryption using the two keys Kc(s) and Kc(s+1), and sector M-1 performs triple DES encryption using the two keys Kc(M-1) and Kc(0).
- the number of keys stored in the header remains M, so no keys need to be added beyond the configuration of FIG. 27, and security is improved.
- FIG. 30 shows a data encryption configuration example in a different mode.
- FIG. 30 shows an embodiment in which two consecutive sectors of each memory block are treated as one encryption block and triple DES encryption using two keys is performed.
- sector 0 and sector 1 of each block perform triple DES encryption using two keys; sector 2s and sector 2s+1 perform triple DES encryption using two keys; and sector M-2 and sector M-1 perform triple DES encryption using the two keys Kc(M-2) and Kc(M-1).
- as in FIGS. 27, 29, and 30, there are various configurations in which a plurality of keys is stored in the header and each sector is encrypted using a key selected from them; in these examples the number of stored keys equals the number of sectors.
- alternatively, the number of stored keys may be N (N < M), in which case more than one sector, for example sector 0 and some sector s, is encrypted with the same key.
- or the number of stored keys may be L (L > M), and triple DES using a completely different key set for each sector may be applied.
- if the ICV were placed inside the data area, a process for separating the data from the ICV, that is, removing the ICV from each read sector and then concatenating the extracted sector data across a plurality of sectors, would be required, and a new file system would have to be built to execute it. Furthermore, if these ICV checks were performed by the control unit, the control unit would be overloaded by the processing.
- an ICV is set for each sector, and the ICV is stored not in the actual data area but in the redundant area, which is set in advance as an area that cannot be read by the file system of the device.
- the ICV check of each sector is executed by the memory interface unit 300 (see Fig. 2); if the data is determined to have been tampered with and is invalid, it is not transferred to the control unit 205 (see Fig. 2). At the time of data writing, the memory interface unit 300 calculates the ICV of each sector and writes it to the redundant part.
- the ICV flag (ICV Flag) in the security header has one flag per sector in the block (32 sectors) and indicates, for each sector, whether an ICV is added or not, for example 0: no ICV, 1: ICV.
- Figure 31 shows the configuration of the data use part and redundant part in each sector.
- the data stored in the flash memory is divided into block-unit areas, each block having a plurality of sector areas.
- each sector consists of a data part, which is read as actual data (e.g. content) by the file system of the device, and a redundant part, which stores information such as an ECC (Error Correction Code) and is not read by the file system.
- the redundant part is a predetermined area of, for example, 16 bytes or 20 bytes; the file system of the device recognizes it as a non-data area and does not read it when reading data (content).
- the ECC stored in the redundant part does not use the entire redundant part, so the redundant part has an unused (reserved) area.
- the falsification check value (ICV) of each sector is stored in this reserved area.
- the data parts are concatenated by the file system of the device as shown in Fig. 31 (c). This is the same as the conventional concatenation of data parts only, so the file system of the device only needs to concatenate the data areas excluding the redundant parts, and no new processing is required.
- the validity of a data file composed of a plurality of sectors can be verified sector by sector.
- the data area remains fully usable as a data area.
- only sectors determined to be correct (not tampered with) by the ICV check are transmitted to the control unit. Also, since the ICV check is performed in the memory interface unit, no load is placed on the control unit.
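As an added example (not code from the patent), the sector layout and check path of FIG. 31 in Python: the memory interface writes the data part plus a redundant part whose reserved area carries the per-sector ICV, on read it releases only sectors whose ICV verifies, and the file system concatenates data parts only. The sizes, the keyed hash used in place of the page's FIG. 14 ICV generation, the ECC placeholder, the function names and the sample sector contents are assumptions of this example.

```python
"""Per-sector ICV in the reserved area of the redundant part (FIG. 31),
checked by the memory interface before data reaches the control unit.
Added example; constants and the keyed-hash ICV are assumptions."""
import hashlib
import hmac

SECTOR_DATA = 512          # assumed data-part size
REDUNDANT = 16             # page: e.g. 16 or 20 bytes
ECC_LEN = 8                # assumed: ECC field at the start of the redundant part
ICV_LEN = 8                # assumed: ICV in the reserved area after the ECC
ICV_OFF = ECC_LEN
ICV_NONE, ICV_SET = 0, 1   # ICV Flag values in the security header


def sector_icv(kicv_cont, iv_cont, data):
    """Stand-in for ICV generation with Kicv_cont and IV_cont (FIG. 14 is
    not reproduced here): keyed hash over IV || data, truncated."""
    return hmac.new(kicv_cont, iv_cont + data, hashlib.sha256).digest()[:ICV_LEN]


def ecc_placeholder(data):
    """Occupies the ECC field only; a real error-correcting code is outside this example."""
    return hashlib.sha256(data).digest()[:ECC_LEN]


def write_sector(data, icv_flag, kicv_cont, iv_cont):
    """Memory-interface write path (S1331-S1333): data part, then the
    redundant part with ECC and, if the flag is set, the sector ICV."""
    if len(data) != SECTOR_DATA:
        raise ValueError("sector data must be exactly one data part")
    redundant = bytearray(REDUNDANT)
    redundant[:ECC_LEN] = ecc_placeholder(data)
    if icv_flag == ICV_SET:
        redundant[ICV_OFF:ICV_OFF + ICV_LEN] = sector_icv(kicv_cont, iv_cont, data)
    return data + bytes(redundant)


def read_sector(raw, icv_flag, kicv_cont, iv_cont):
    """Memory-interface read path: return the data part, or None when the
    ICV check fails so that nothing is passed to the control unit."""
    data, redundant = raw[:SECTOR_DATA], raw[SECTOR_DATA:]
    if icv_flag == ICV_SET:
        stored = redundant[ICV_OFF:ICV_OFF + ICV_LEN]
        if not hmac.compare_digest(stored, sector_icv(kicv_cont, iv_cont, data)):
            return None
    return data


def read_file(sectors, icv_flags, kicv_cont, iv_cont):
    """FIG. 31 (c): the file system concatenates data parts only; the
    redundant parts never reach it, and a tampered sector aborts the read."""
    out = bytearray()
    for raw, flag in zip(sectors, icv_flags):
        data = read_sector(raw, flag, kicv_cont, iv_cont)
        if data is None:
            return None
        out += data
    return bytes(out)
```

Note that a sector whose ICV flag is 0 is passed through unchecked, exactly as the page's flag semantics imply; the caveat for a deployment is that the flag itself lives in the header, so it is only as trustworthy as the header ICV check that precedes sector reads.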
- the security header configured for the content stores, in encrypted form, a plurality of content keys (Kc_Encryptedxx) as the encryption keys corresponding to the sectors, and the content check value generation key (Kicv_Encrypted).
- one mode of encrypting these keys is to encrypt them with a distribution key Kdist stored in advance in the memory section 321 (see FIG. 4) of the memory interface of the device, and to store the encrypted keys.
- Kc_Encrypted0 = Enc(Kdist, Kc(0)), where Enc(a, b) denotes data b encrypted with key a.
- in this configuration each key is encrypted using the distribution key Kdist of the device and stored in the security header.
- in the case of media 2, that is, a medium having a cryptographic processing unit that performs mutual authentication with the device and executes content processing, the content keys and the ICV generation key for content stored on media 2 are encrypted using the unique key of media 2.
- a process of storing in the security header a content key and a content ICV generation key encrypted using the unique key of media 2, here the media 2 storage key Ksto, will be described.
- the media 2 storage key Ksto is stored in the internal memory 235 of the controller 231 of the media 2 (230) as shown in FIG. Therefore, the encryption and decryption of the content keys and the ICV generation key using the media 2 storage key Ksto are executed on the media 2 side.
- when a device loaded with media 2 obtains the content keys and the ICV generation key, or stores them in a security header, in the course of using content on media 2, the media 2 side must execute the encryption or decryption of the keys. In the data processing device of the present invention, these can be processed in CBC (Cipher Block Chaining) mode.
- Figure 32 shows the key encryption configuration in CBC mode.
- this encryption processing is executed in the cryptographic processing section 236 of the medium 2 (see FIG. 2). The initial value IV_keys stored in the internal memory 235 is XORed with the content check value generation key Kicv_cont, the result is DES-encrypted with the storage key Ksto stored in the internal memory 235 of the media 2, and the output is stored as Kicv_cont_Encrypted. Next, Kicv_cont_Encrypted is XORed with the content key Kc(0) corresponding to sector 0, and the result is DES-encrypted with the storage key Ksto stored in the internal memory 235 of the medium 2.
- FIG. 33 shows a key decryption processing configuration in the CBC mode.
- This decryption processing is executed in the encryption processing section 236 of the medium 2 (see FIG. 2).
- DES decryption is performed on Kc(0)_Encrypted using the storage key Ksto stored in the internal memory 235 of the media 2, the result is XORed with the initial value IV_keys stored in the internal memory 235, and the content key Kc(0) corresponding to sector 0 is output.
- next, DES decryption is performed on Kc(1)_Encrypted using the storage key Ksto, the result is XORed with Kc(0)_Encrypted, and the content key Kc(1) corresponding to sector 1 is output.
- these processes are repeatedly executed to obtain the content key.
- although the figure shows an example in which only the content keys are output, the same processing applies to the encrypted content tampering check value generation key (Kicv_Encrypted), from which the content tampering check value generation key (Kicv) is obtained.
- the encryption and decryption of the sector-corresponding content keys Kc(xx) or of the content tampering check value generation key (Kicv) described above are generally executed based on a command from the device to which media 2 is attached. In this case the mutual authentication described above is executed between the device and media 2, and various processes such as content reproduction and storage are executed on condition that mutual authentication succeeds; the decryption and encryption of the content keys described above is executed as part of that series of content processing. When a decrypted key (e.g. a content key Kc(xx)) is transferred between the device and the medium 2, it is encrypted with the session key Kses generated during mutual authentication.
- Fig. 34 shows an example of a processing configuration in which, in media 2, the keys stored in the security header are decrypted in DES-CBC mode and the decrypted keys are further encrypted in DES-CBC mode using the session key Kses.
- the upper part of Fig. 34 has the same configuration as Fig. 33.
- the encrypted content keys extracted from the security header are sequentially input to the DES decryption unit, decrypted with the storage key Ksto of media 2, and each output is XORed with the initial value or with the previous data in the input data string to obtain the content key as output.
- the control unit reads the header file of the content to be read (S701). This is executed according to the file reading flow of FIG. described above. Next, a header set command and the read header file are transmitted to the memory interface (S702).
- when the memory interface receives the header set command (S703), it sets the busy flag to 1 (busy) (S704) and verifies the tampering check value (ICV) of the header (S705).
- the ICV check of the header applies the security header check value generation key Kicv_sh and the initial value IV_sh in the ICV generation process described above with reference to FIG., and compares the generated ICV with the ICV stored in the header in advance.
- if the verification determines that the header has not been tampered with (S706), it is checked whether the valid revocation list version in the header is non-zero (S707). For example, when content generated by the device itself is stored in the memory, the revocation list version is set to 0 so that playback and other processing can be executed without referring to the revocation list.
- if the revocation list version is 0, there is no need to refer to the revocation list and the process proceeds to step S710. If the version is non-zero, it is checked whether the currently set revocation list is older than the revocation list version in the header (S708); if it is older, the process proceeds to S713, the header set success flag is set to 0 (NG), and the process ends. If the set revocation list is not older than the header's version, the flow advances to step S709, where the revocation list is consulted to determine whether it contains the content ID of the content to be read. If it does, the header set success flag is set to 0 (NG) in step S713 to prohibit reading, and the process ends.
- in step S710 the content keys Kc and the content check value generation key Kicv_cont, which are stored encrypted in the header, are decrypted. Note that the revocation list is set up in the memory interface at startup, as described in the startup flow of FIG. 16 above, and after setup it remains continuously available in the memory space when media are loaded or content is played back.
- the security header stores a plurality of content keys Kc(0) to Kc(M-1) in encrypted form, and also stores, in encrypted form, the content check value generation key Kicv_cont used to generate the content tampering check value (ICV).
- FIG. 37 shows the decryption processing flow of the encrypted content key Kc and content check value generation key KicV-cont. Each step in FIG. 37 will be described.
- the processing in FIG. 37 is executed in the memory interface of the device, in the encryption processing section 320 of FIG. 4.
- first, the encrypted content check value generation key Kicv_cont is selected as a decryption target (S801), and then it is determined whether the encryption format type field of the header is set to 0 (S802).
- if the encryption format type is 0, the entire content is in one encryption mode regardless of sector; if it is 1, the sector-by-sector key method of FIG. 27 is used. In the latter case the process advances to step S803 and the encrypted content keys (Kc_Encrypted0 to 31) set for each sector are added as decryption targets.
- if the encryption format is determined to be 0 in step S802, the encryption algorithm field of the header is further checked in step S804 to determine whether it is 1 (triple DES) or 0 (single DES). For single DES, only one encrypted content key (Kc_Encrypted0) is added as a decryption target in step S805; for triple DES, two encrypted content keys (Kc_Encrypted0, 1) are added in step S806.
- in step S807 the content type field of the header is checked. If the setting is not 2 or 3 (content stored on medium 2), the decryption target data, that is, the encrypted content check value generation key Kicv_cont and the one or more content keys, are decrypted in step S808 with the distribution key Kdist stored in the memory section 321 (see FIG. 4).
- if the setting is 2 or 3 (content stored on medium 2), in step S809 the decryption target data, that is, the encrypted content check value generation key Kicv_cont and the one or more content keys, are decrypted with the media 2 storage key Ksto (CBC mode).
- the decryption of the encrypted content check value generation key Kicv_cont and the one or more content keys Kc in step S809 using the storage key of media 2 will be described with reference to the flow of FIG. The flow in Figure 38 shows the processing of the memory interface of the device on the left and the processing of the media 2 controller (see Figure 2) on the right.
- the memory interface sets the decryption target data K(0) to K(n-1) (the encrypted content check value generation key Kicv_cont and one or more content keys) (S1001) and transmits a CBC decryption initialization command to the media 2 controller (S1003); the media 2 controller sets IV_keys in its register (S1005). Thereafter the memory interface transmits each key sequentially (S1004), and the media 2 controller receives the decryption target data K(i) (S1005).
- the media 2 controller decrypts the received data K(i) in CBC mode using the storage key Ksto of media 2 (S1007) and obtains the decrypted key data (e.g. the content keys corresponding to a plurality of sectors) (S1008).
- the media 2 controller then encrypts the decrypted key data sequence in CBC mode using the session key generated at mutual authentication with the device, generating the data sequence K'(i), and transmits the result to the device (S1009).
- the processing of steps S1007 to S1009 is executed based on the processing in the DES-CBC mode of FIG. 34 described above.
- the memory interface of the device receives K'(i) sequentially and, after confirming that all data has been received, sends a CBC end command to the media 2 controller. The media 2 controller clears its register after receiving the CBC end command (S1014).
- the memory interface of the device decrypts the K'(i) received from media 2 in CBC mode, applying the session key Kses generated at mutual authentication with media 2 and the initial value IV_keys stored in the memory section 321 (see Fig. 4) (S1010 to S1013, S1015). This decryption is the same processing as the configuration of FIG. 33 described above.
- in this way the device can decrypt the encrypted content keys Kc and the content check value generation key Kicv_cont stored in the header and obtain the respective keys.
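As an added example (not the patent's code), the CBC key chain of FIG. 32 (encryption) and FIG. 33 (decryption), and the media 2 re-keying of FIG. 34 and FIG. 38, in Python: media 2 decrypts the header keys under its storage key Ksto and re-encrypts them under the session key Kses, so plaintext keys never cross the device interface; the device then decrypts under Kses. DES is replaced by a small keyed Feistel stand-in (not DES, same 8-byte block and key interface), and all key and IV values are constructed for the demonstration; the chain order (Kicv_cont first, then Kc(0..M-1)) follows the description of FIG. 32.

```python
"""CBC chaining of header keys and the Ksto -> Kses re-keying done on
media 2. Added example; the block cipher is a stand-in, not DES."""
import hashlib

BLOCK = 8          # 64-bit block: DES block and key length
ROUNDS = 8


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def _f(half, key, rnd):
    # round function: keyed hash of the right half (stand-in, not the DES f)
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:4]


def block_encrypt(key, blk):
    """Stand-in 64-bit Feistel block cipher, NOT DES; same interface."""
    l, r = blk[:4], blk[4:]
    for i in range(ROUNDS):
        l, r = r, _xor(l, _f(r, key, i))
    return r + l


def block_decrypt(key, blk):
    l, r = blk[:4], blk[4:]
    for i in reversed(range(ROUNDS)):
        l, r = r, _xor(l, _f(r, key, i))
    return r + l


def cbc_encrypt(key, iv, blocks):
    """FIG. 32: C(i) = E_key(P(i) XOR C(i-1)), with C(-1) = IV."""
    out, prev = [], iv
    for p in blocks:
        prev = block_encrypt(key, _xor(prev, p))
        out.append(prev)
    return out


def cbc_decrypt(key, iv, blocks):
    """FIG. 33: P(i) = D_key(C(i)) XOR C(i-1), with C(-1) = IV."""
    out, prev = [], iv
    for c in blocks:
        out.append(_xor(block_decrypt(key, c), prev))
        prev = c
    return out


def header_keys_to_store(ksto, iv_keys, kicv_cont, kc):
    """Key chain as stored in the security header: Kicv_cont first, then Kc(0..M-1)."""
    return cbc_encrypt(ksto, iv_keys, [kicv_cont] + list(kc))


def media2_rekey_for_device(ksto, kses, iv_keys, stored):
    """Media 2 side of FIG. 38 (S1007-S1009): decrypt under Ksto, re-encrypt under Kses."""
    return cbc_encrypt(kses, iv_keys, cbc_decrypt(ksto, iv_keys, stored))


def device_recover_keys(kses, iv_keys, from_media):
    """Device side (S1010-S1015): decrypt under the session key.
    Returns (Kicv_cont, [Kc(0), ..., Kc(M-1)])."""
    plain = cbc_decrypt(kses, iv_keys, from_media)
    return plain[0], plain[1:]


def media2_rekey_for_storage(ksto, kses, iv_keys, from_device):
    """Media 2 side of the write direction (S1508-S1510): the device sent the
    keys under Kses; media 2 returns them under Ksto for storage in the header."""
    return cbc_encrypt(ksto, iv_keys, cbc_decrypt(kses, iv_keys, from_device))
```

Both sides must hold the same IV_keys (the page stores it in memory section 321 on the device and in internal memory 235 on media 2); with the chain as described, the session key Kses is the only key the device ever applies to material that leaves media 2, and Ksto never leaves media 2 at all.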
- in step S711 the memory interface of the device sets the header internally as the "read header", sets the header set success flag to 1 (success), and sets the busy flag to 0 (standby) (S714).
- the control unit sends a status read command to the memory interface in step S715 and proceeds to the next process (FIG. 36) on condition that the busy flag is 0 (standby) (S716) and the header set success flag is 1 (success) (S717).
- in step S721 of FIG. 36 the control unit obtains the sector addresses (S(1) to S(k)) of the content file to be read from the file allocation table and sequentially sends a read command for each sector S(i) to the memory interface.
- upon receiving the sector S(i) read command (S724), the memory interface sets the busy flag to 1 (busy) (S725) and proceeds to the next step on condition that the header set success flag is 1 (success) (S726). If the header set success flag is not 1 (success), the process proceeds to step S738, sets the read success flag to 0 (NG), and ends.
- it then determines whether sector S(i) is in internal or external memory (S727). If it is in external memory, it determines whether the set flag of media 1 or media 2 is 1 (indicating that the medium is validly set) (S728), and if the set flag is 1 it further refers to the block permission table (BPT) to determine whether the sector S(i) to be read lies in a block set as read-permitted (S729). If the BPT grants read permission, the data of the sector is read from the external memory (S730).
- steps S728 and S729 are skipped. If the determination in step S728 or S729 is No, that is, if the set flag of the medium storing sector S(i) is not 1, or if read permission for sector S(i) is not set in the BPT, the flow advances to step S738 to set the read success flag to 0 as a read error.
- if the sector is subject to the ICV tampering check, in step S734 the content check value generation key Kicv_cont obtained by the decryption in step S710 and the initial value IV_cont are applied, the check target data (sector data) is input, the ICV generation process described with reference to FIG. 14 is executed to obtain ICV', and ICV' is compared with the ICV stored in the redundant part of the sector. If they match, it is determined that there is no tampering.
- in step S737 the data is decrypted based on the header information, the read success flag is set to 1 (success), and the decrypted data is stored in the buffer.
- the control unit reads the status of the memory interface and, on condition that the busy flag is 0 and the read success flag is 1, takes the read data from the buffer and saves it; it then increments the address and repeats taking data from the buffer and saving it, and after all sectors to be read have been saved, it assembles the file from the read sector data and ends the process.
- the details of the decryption process in step S736 in FIG. 36 will be described with reference to FIG.
- This decryption processing is executed in the encryption processing section 320 (see FIG. 4) of the memory interface of the device.
- the position of the data storage sector to be decrypted is set to s (0 ≤ s ≤ 31 when the number of sectors is 32) (S1101).
- it is checked whether the sector is to be encrypted (S1102), based on the Encryption Flag in the security header (see Figure 7). If not, no decryption is performed and the process ends. If it is, the encryption format type is checked (S1103); this checks the Encryption Format Type setting in the security header to determine whether the entire content is encrypted in one mode as described in Fig. 8 or encrypted with a different key for each sector.
- if the entire content is in one encryption mode, the encryption algorithm is determined in step S1104: single DES or triple DES (see Fig. 28). If single DES, the one content key Kc(0) is applied to decrypt the encrypted content (S1106); if triple DES, the two content keys Kc(0) and Kc(1) are applied (S1107).
- if the encryption format type checked in step S1103 indicates sector-by-sector encryption, the encryption algorithm (Encryption Algorithm) field is likewise checked for single DES or triple DES (see Fig. 28). If single DES, the content key Kc(s) set for each sector s is applied to decrypt that sector's content (S1108); if triple DES, the two content keys Kc(s) and Kc(s+1 mod 32) are applied to each sector (S1109).
- FIG. 40 shows a different mode of the sector data decryption process. Steps S1201 to S1208 are the same as steps S1101 to S1108 in FIG.; steps S1209 to S1211 differ.
- the reproduction process, including the decryption of the encrypted stored data, is executed by the processing described with reference to FIGS.
- the control unit transmits a header generation command for the content to be stored, together with parameters as header information, to the memory interface (S1301). When the memory interface receives the header generation command (S1302), it sets the busy flag to 1 (busy) (S1303) and determines whether the received parameters are within the allowable values (S1304).
- the memory interface holds in advance the range of parameters that can be set in the header; if a received parameter exceeds the settable range, the header generation success flag is set to 0 (NG) in step S1310 and the process ends. If the received parameters are within the allowable range, the valid revocation list version of the header is set to 0 (S1305), enabling data processing without reference to the revocation list. Setting the valid revocation list version to 0 rests on the assumption that content stored by the device itself is guaranteed to be legitimate, so that data processing (reproduction) is enabled without referring to the revocation list.
- when the content to be written is, for example, content received from outside via communication means, an identifier is attached to the received content and the revocation list version to be referred to is stored in the header. If matching against the list of content identifiers is possible, an identifier matching process using the revocation list, the same as steps S707 to S709 of the file decryption read processing described above with reference to FIG. 35, may be performed instead of the above processing.
- FIG. 43 shows the details of the generation and encryption of the content keys Kc and the content tampering check value generation key Kicv_cont in step S1306.
- the processing of FIG. 43 is executed in the cryptographic processing section 320 (see FIG. 4) of the memory interface of the device. The flow of FIG. 43 will be described.
- first, a content check value generation key Kicv_cont is generated, for example from a random number, and set as an encryption target (S1401).
- next, it is determined whether the encryption format type field of the header is set to 0 (S1402). If the encryption format is 0, the entire content is in one encryption mode regardless of sector; if the field is set to 1, the sector-by-sector key method described in FIG. is used. In the latter case the process advances to step S1403, where the content keys set for each sector (Kc(0) to Kc(31) in the case of 32 sectors) are generated and set as encryption targets.
- if the encryption format is determined to be 0 in step S1402, the encryption algorithm field in the header is further checked in step S1404 to determine whether it is 1 (triple DES) or 0 (single DES).
- in step S1407 the content type field of the header is checked. If the setting is not 2 or 3 (content stored on medium 2), the content check value generation key Kicv_cont and the one or more content keys are encrypted with the distribution key Kdist stored in the memory section 321 (FIG. 4).
- if the setting is 2 or 3 (content stored on medium 2), the data, that is, the content check value generation key Kicv_cont and the one or more content keys, are encrypted with the media 2 storage key Ksto (CBC mode) in step S1409.
- the details of the encryption processing are as described with reference to FIGS. 32, 33, and 34.
- the encryption of the content check value generation key Kicv_cont and the one or more content keys Kc in step S1409 using the storage key of media 2 will be described with reference to the flow of FIG. The flow of Fig. 44 shows the processing of the memory interface of the device on the left and the processing of the controller of media 2 (see Fig. 2) on the right.
- the memory interface on the device side sets the data to be encrypted K(0) to K(n-1) (the content check value generation key Kicv_cont and one or more content keys) (S1501) and, applying the session key generated at mutual authentication with media 2 together with the initial value IV_keys stored in the memory section 321, encrypts K(0) to K(n-1) in DES-CBC mode to generate K'(0) to K'(n-1) (S1502). This encryption is executed in a configuration similar to that of FIG. 32 described above.
- the memory interface sends a CBC encryption initialization command to the media 2 controller, and media 2 sets the initial value IV_keys stored in media 2 in a register (S1506). Thereafter the memory interface transmits each key sequentially (S1505).
- the media 2 controller receives the data K'(i) (S1507), decrypts the received data K'(i) in CBC mode with the session key generated at mutual authentication with the device (S1508), and obtains the decrypted key data (e.g. the content keys corresponding to a plurality of sectors) (S1509).
- the media 2 controller then encrypts the decrypted key data sequence in CBC mode using the storage key Ksto of media 2 to generate the data sequence K''(i), and transmits the result to the device (S1510).
- the processing of steps S1507 to S1510 is executed based on the DES-CBC processing of FIG.
- the memory interface of the device sequentially receives K''(i) and, after confirming that all data has been received, sends a CBC end command to the media 2 controller (S1511 to S151).
- the media 2 controller clears the register upon receiving the CBC end command (S1515).
- the memory interface of the device uses K''(0) to K''(n-1) received from media 2 as the encrypted key data to be stored in the header. In this way the device obtains the encrypted content keys Kc and the encrypted content check value generation key Kicv_cont to be stored in the header.
- when the generation and encryption of the header storage keys in step S1306 are completed, the memory interface generates a tampering check value ICV from the generated header data (S1307).
- ICV_sh, the check value of the security header, is generated using the initial value IV_sh stored in the memory section 321 (see Fig. 4) and the security header tampering check value generation key Kicv_sh, according to the ICV generation configuration described earlier with reference to Fig. 14.
- step S1308 the generated header is internally stored as a write header, and in step S1309, the header generation success flag is set to 1 (success), and the busy flag is set to 0 (standby).
- when the control unit sends a status read command to the memory interface in step S1312 and finds the busy flag at 0 (standby) (S1313) and the header generation success flag at 1 (success), the header is read from the header buffer and saved on the medium as a normal file (S1315), and the process proceeds to the next process (Fig. 42).
- in step S1321 of FIG. 42 the control unit divides the content file to be written into sectors; let the divided data be D(1) to D(k). The control unit then sets the write sector S(i) of each data D(i) and sequentially transmits an encrypted write command for sector S(i) together with the data D(i) to the memory interface (S1321 to S1324). Upon receiving the sector S(i) encrypted write command (S1325), the memory interface sets the busy flag to 1 (busy) (S1326) and proceeds to the next step on condition that the header generation success flag is 1 (success) (S1327).
- the memory interface determines whether the write sector S(i) is in internal memory or external memory (S1328). If it is in external memory, it determines whether the set flag of media 1 or media 2 is 1 (indicating that the medium is validly set) (S1329), and if the set flag is 1 it further refers to the block permission table (BPT) to determine whether the BPT sets the sector S(i) to be written as a write-permitted block (S1330). If the BPT grants write permission, an error correction code to be set for the sector is generated (S1331).
- It is then determined from the header information (ICV flag) whether the write sector is an ICV-set sector (S1332). If the sector is an ICV target, the content ICV generation key Kicv_cont is used to generate an ICV for the sector data (S1333).
- The memory interface then executes data encryption based on the header information (S1334).
- The details of the data part encryption process in step S1334 will be described with reference to the figure that follows. This encryption processing is executed in the encryption processing section 320 (see FIG. 4) of the memory interface of the device.
- The storage sector position of the data to be encrypted is set to s (0 ≤ s ≤ 31 when the number of sectors is 32) (S1601).
- In step S1602, it is checked whether the sector is to be encrypted. This check is made based on the Encryption Flag in the security header (see Figure 7). If the sector is not an encryption target, no encryption is performed and the process ends. If it is an encryption target, the encryption format type is checked (S1603) by reading the Encryption Format Type setting in the security header; this determines whether the entire content described in FIG. 8 is encrypted as one unit, or whether encryption using a different key for each sector is performed.
- In step S1604 (whole-content mode), the encryption algorithm is determined: single DES or triple DES (see Fig. 28). If single DES is determined, the one content key Kc(0) is applied to execute the encryption process of the content (S1606). If triple DES is determined, the encryption process of the content is executed by applying the two content keys Kc(0) and Kc(1) (S1607).
- In step S1605 (per-sector key mode), the encryption algorithm is likewise determined: single DES or triple DES (see Fig. 28). If single DES is determined, the content key Kc(s) set for each sector s is applied to execute the encryption process of that sector (S1608). If triple DES is determined, the encryption process of each sector is executed by applying the two content keys Kc(s) and Kc((s + 1) mod 32) (S1609).
- FIG. 46 shows a different processing mode of the decoding process for the sector data. Steps S1701 to S1708 are the same as steps S1601 to S1608 in the preceding figure, while steps S1709 to S1711 differ from it.
- If the sector lies in internal memory, steps S1329 and S1330 are skipped. If the determination in step S1329 or S1330 is No, that is, when the media set flag is not 1, or when the BPT does not set the write sector S(i) as write-permitted, the flow advances to step S1338, where the write success flag is set to 0 as a write error.
- The control unit reads the status of the memory interface and, on condition that the busy flag is 0 and the write success flag is 1, sequentially increments the address and transmits the next write data to the memory interface.
- Then the file allocation table is updated (S1346), and the updated file allocation table is sent to the memory interface together with an update command (S1347); the memory interface executes the file allocation table write process according to the command (S1340).
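The memory interface's write path described above (S1325 to S1338) together with the content-key selection of steps S1601 to S1609, as an added example that is not part of the patent text. Flag names follow the page; the data classes, the constructed sample key labels and the step bookkeeping are assumptions made so the logic runs stand-alone. The DES operation itself is not performed: the functions return which content keys the page says would be applied to the sector, which is where the (s + 1) mod 32 wrap-around and the write-refusal branch matter in practice.

```python
"""Constructed model of the sector-write decision path of the memory interface."""
from dataclasses import dataclass, field

SECTORS = 32  # page: 0 <= s <= 31 when the number of sectors is 32


@dataclass
class SecurityHeader:
    encryption_flag: bool      # Encryption Flag (Fig. 7): sector is an encryption target
    per_sector_keys: bool      # Encryption Format Type: True = different key per sector
    triple_des: bool           # encryption algorithm: False = single DES, True = triple DES
    icv_flag: bool             # ICV flag: sectors carry a content ICV
    content_keys: tuple        # Kc(0) .. Kc(31); key labels stand in for key bytes here


@dataclass
class Media:
    is_external: bool          # S1328: external medium (True) or internal memory (False)
    media_set_flag: int        # media 1 / media 2 set flag, 1 = medium validly set
    bpt_write_permitted: frozenset  # sectors the BPT marks as write-permitted blocks


@dataclass
class WriteResult:
    busy_flag: int = 0
    write_success_flag: int = 0
    ecc_generated: bool = False
    icv_generated: bool = False
    keys_applied: tuple = ()
    steps: list = field(default_factory=list)   # assumed bookkeeping of visited steps


def select_content_keys(hdr: SecurityHeader, s: int) -> tuple:
    """Steps S1601 to S1609: the content key(s) applied to sector s."""
    if not 0 <= s < SECTORS:
        raise ValueError("sector position out of range")
    if not hdr.encryption_flag:                       # S1602: not an encryption target
        return ()
    k = hdr.content_keys
    if not hdr.per_sector_keys:                       # S1603: whole content, one key set
        return (k[0], k[1]) if hdr.triple_des else (k[0],)   # S1607 / S1606
    if hdr.triple_des:                                # S1609: Kc(s) and Kc((s + 1) mod 32)
        return (k[s], k[(s + 1) % SECTORS])
    return (k[s],)                                    # S1608: Kc(s)


def handle_write_sector(hdr: SecurityHeader, media: Media, s: int) -> WriteResult:
    """Memory interface side of one encrypted write command for sector s."""
    r = WriteResult(busy_flag=1)                      # S1326: busy while processing
    if media.is_external:
        if media.media_set_flag != 1:                 # S1329 answered No
            r.steps.append("S1338")
            r.busy_flag = 0
            return r                                  # write success flag stays 0
        if s not in media.bpt_write_permitted:        # S1330 answered No
            r.steps.append("S1338")
            r.busy_flag = 0
            return r
    # internal memory: S1329 and S1330 are skipped
    r.ecc_generated = True                            # S1331: error correction code
    r.steps.append("S1331")
    if hdr.icv_flag:                                  # S1332/S1333: content ICV with Kicv_cont
        r.icv_generated = True
        r.steps.append("S1333")
    r.keys_applied = select_content_keys(hdr, s)      # S1334: encryption per header settings
    r.steps.append("S1334")
    r.write_success_flag = 1
    r.busy_flag = 0                                   # control unit polls busy == 0, success == 1
    return r
```

The control unit's loop in the text only advances the address when `busy_flag` is 0 and `write_success_flag` is 1, so a refused sector (unset medium or a block the BPT does not permit) stops the transfer rather than silently skipping it.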
- The revocation list in the present invention is composed of a plurality of types (e.g. media, content) of identifiers (ID). Multiple types of IDs are provided in the revocation list (Revocation List), which is the revocation information for content and media, and collation for each type is performed as a separate operation, so that illegal content as well as illegal media can be eliminated.
- The memory interface unit compares the identifier (ID) of the media or content in use with the IDs listed in the revocation list, and can thereby prohibit the use of illegal media and the reading of illegal content.
- A revocation list version (Revocation List Version) is set in the revocation list, and the list is updated when new invalid media or content revocation information is added.
- Figure 47 shows the flow of updating the revocation list. The left side is the control unit of the device, and the right side is the memory interface of the device.
- When the control unit receives an update revocation list from the communication unit 201 (see FIG. 2) (S1801), it transmits an update revocation list check command together with the received update revocation list to the memory interface (S1802).
- Upon receiving the update revocation list check command and the update revocation list from the control unit (S1803), the memory interface sets the busy flag to 1 (busy) (S1804) and generates the tamper check value (ICV) generation key Kicv_rl used to check the revocation list for tampering (S1805).
- The tamper check value (ICV) generation key Kicv_rl for the revocation list is generated from the revocation list ICV key generation master key MKicv_rl stored in the device in advance, the initial value IVicv_rl used when generating the ICV key of the revocation list (Revocation List), and the version (Version) included in the attribute information of the revocation list. Specifically, the tamper check value (ICV) generation key is generated as Kicv_rl = DES(E, MKicv_rl, Version XOR IVicv_rl). This expression means that the exclusive OR of the version (Version) and the initial value (IVicv_rl) is encrypted in DES mode using the master key MKicv_rl.
- The memory interface uses the generated tamper check value (ICV) generation key Kicv_rl to generate the check value ICV' of the revocation list (S1806), and compares it with the correct ICV value stored in the revocation list in advance, executing the match check ICV = ICV'? (S1807). The ICV generation process has been described with reference to FIG. 14: it is performed in DES mode using the initial value IVrl and applying the generated tamper check value (ICV) generation key Kicv_rl.
- If ICV = ICV', the update revocation list is determined to be valid and free of tampering, and the flow advances to step S1808, where the version (i) of the currently set revocation list and the version (j) of the update list are compared (S1809). If the version of the update list is newer, the update revocation list valid flag is set to 1 (S1810), the busy flag is set to 0 (S1811), and the process ends.
- The control unit sends a status read command to the memory interface (S1812), confirms that the busy flag has become 0 (S1813), and checks the update revocation list valid flag. If it is 1 (S1814), the update revocation list is saved as a normal file in the internal memory (S1815). When processing content or performing the check on loading media, the stored revocation list is read from the internal memory.
- Version information is set in the revocation list. For example, at the time of content reading, the version of the revocation list currently held in the device is compared with the version of the valid revocation list recorded in the content header, and if the version of the held revocation list is older, a process that stops reading the content can be performed. As a result, the content cannot be read unless the revocation list is updated, and illegal use of content with an old revocation list can be eliminated.
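The update check of Fig. 47 (S1805 to S1810) and the version gate applied at content reading time, as an added example that is not part of the patent text. The page derives Kicv_rl = DES(E, MKicv_rl, Version XOR IVicv_rl) and builds the ICV with the Fig. 14 DES-based construction; so that the block runs offline without a DES library, both are stood in for by HMAC-SHA256 from the standard library, which is an assumption of this example, as are the master key value, the IV value, the list layout covered by the ICV and the sample identifiers. The order of checks and the flag semantics follow the page.

```python
"""Constructed model of the revocation list update check and version gate."""
import hashlib
import hmac
import struct
from dataclasses import dataclass

# Device-side secrets and constants: constructed sample values, not the patent's.
MKICV_RL = b"constructed-master-key-MKicv_rl"  # MKicv_rl, stored in the device in advance
IVICV_RL = bytes(range(8))                      # IVicv_rl, 8-byte initial value (DES block width)


@dataclass(frozen=True)
class RevocationList:
    version: int
    media_ids: tuple      # revoked media identifiers
    content_ids: tuple    # revoked content identifiers
    icv: bytes            # check value stored with the list


def derive_icv_key(master_key: bytes, iv: bytes, version: int) -> bytes:
    """Kicv_rl from master key, IV and list version (Version XOR IVicv_rl, then a keyed
    function standing in for DES encryption under MKicv_rl)."""
    v = struct.pack(">Q", version)                  # version as one 8-byte block
    block = bytes(a ^ b for a, b in zip(v, iv))     # Version XOR IVicv_rl
    return hmac.new(master_key, block, hashlib.sha256).digest()[:8]


def list_body(version: int, media_ids: tuple, content_ids: tuple) -> bytes:
    """Canonical bytes the ICV covers: version plus both ID categories (assumed layout)."""
    return (struct.pack(">Q", version)
            + b"M:" + ",".join(media_ids).encode()
            + b";C:" + ",".join(content_ids).encode())


def compute_icv(key: bytes, body: bytes) -> bytes:
    """Stand-in for the Fig. 14 ICV construction: keyed MAC over the list body."""
    return hmac.new(key, body, hashlib.sha256).digest()[:8]


def issue_list(version: int, media_ids, content_ids) -> RevocationList:
    """Issuer side: attach the ICV that the device will recompute in S1806."""
    key = derive_icv_key(MKICV_RL, IVICV_RL, version)
    icv = compute_icv(key, list_body(version, tuple(media_ids), tuple(content_ids)))
    return RevocationList(version, tuple(media_ids), tuple(content_ids), icv)


def check_update(current: RevocationList, update: RevocationList) -> tuple:
    """Memory interface steps S1805 to S1810; returns (update_valid_flag, reason)."""
    key = derive_icv_key(MKICV_RL, IVICV_RL, update.version)                   # S1805
    icv_dash = compute_icv(key, list_body(update.version, update.media_ids,
                                          update.content_ids))                 # S1806
    if not hmac.compare_digest(icv_dash, update.icv):                         # S1807: ICV = ICV'?
        return 0, "tampered"
    if update.version <= current.version:                                      # S1809: must be newer
        return 0, "not newer"
    return 1, "ok"                                                             # S1810


def content_readable(held: RevocationList, header_list_version: int) -> bool:
    """Version gate at content reading: refuse when the held list is older than
    the valid revocation list version recorded in the content header."""
    return held.version >= header_list_version


def is_revoked(lst: RevocationList, media_id: str = None, content_id: str = None) -> bool:
    """Collation per ID category: media ID when media is loaded, content ID at playback."""
    if media_id is not None and media_id in lst.media_ids:
        return True
    return content_id is not None and content_id in lst.content_ids
```

Because the version is folded into the key derivation, relabelling an old list with a higher version number changes the key the device derives, so the recomputed ICV' no longer matches and the list is rejected at S1807 before the version comparison is ever reached; the S1809 comparison then rejects equal or older versions that do carry a valid ICV.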
- As described above, in the data reproducing apparatus, data recording apparatus, data reproducing method, data recording method, and list updating method of the present invention, the update process of the revocation list compares, for example, the version information of an update revocation list received over a communication path with the version information of the current revocation list, and permits the update only when the update list is determined to be a newer revocation list; this configuration prevents processing such as illegal replacement with an old list.
- Further, the revocation list is set up in the memory interface, and after the setup it can be used continuously when media is loaded and content is played back, so there is no need to read it repeatedly from the internal memory when using content, and processing is executed efficiently.
- Further, the revocation list is set up in the memory interface and, after the setup, can be used continuously when media is loaded and content is played back. Since the revocation list is provided with multiple types of revocation target IDs, that is, media IDs and content IDs, multiple contents and media can be excluded based on the list once it is set up in the memory interface, and the reference processing of the list in the memory interface section when media is inserted or content is read out is executed efficiently, so that use of illegal media or reading of illegal content can be prohibited efficiently.
- Further, the revocation list stores identifiers of both media and content, which belong to different categories, and a configuration that enables both illegal media and illegal content to be eliminated based on one revocation list reduces the number of revocation lists held on the device side and reduces the processing on the device side when loading media and using content.
- A plurality of types of revocation target IDs, that is, media IDs and content IDs, are included in the revocation list, which is the revocation information for content or media, and the matching process on the device side is performed differently for each type: for example, when media is loaded, matching is performed against the media identifier, and when content is played back, matching is performed against the content identifier. Thus multiple contents and media can be excluded with one revocation list, the reference processing of the revocation list in the memory interface section when media is inserted and content is read out is executed efficiently, and use of illegal media or reading of illegal content can be effectively prohibited.
Landscapes
- Engineering & Computer Science (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Technology Law (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Signal Processing For Digital Recording And Reproducing (AREA)
- Storage Device Security (AREA)
- Management Or Editing Of Information On Record Carriers (AREA)
- Management, Administration, Business Operations System, And Electronic Commerce (AREA)
- Television Signal Processing For Recording (AREA)
- Reverberation, Karaoke And Other Acoustics (AREA)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
EP01976764A EP1235380A1 (en) | 2000-10-20 | 2001-10-19 | Data reproducing/recording apparatus / method and list updating method |
KR1020027007930A KR20020064945A (en) | 2000-10-20 | 2001-10-19 | Data reproducing/recording apparatus/method and list updating method |
HK03105404.6A HK1056453A1 (en) | 2000-10-20 | 2003-07-25 | Data reproducing/recording apparatus/method and list updating method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2000-320804 | 2000-10-20 | ||
JP2000320804A JP4622082B2 (en) | 2000-10-20 | 2000-10-20 | DATA REPRODUCING DEVICE, DATA RECORDING DEVICE, DATA REPRODUCING METHOD, DATA RECORDING METHOD, LIST UPDATE METHOD, AND PROGRAM PROVIDING MEDIUM |
Publications (2)
Publication Number | Publication Date |
---|---|
WO2002033880A1 WO2002033880A1 (en) | 2002-04-25 |
WO2002033880A9 true WO2002033880A9 (en) | 2004-03-04 |
Family
ID=18799031
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/JP2001/009182 WO2002033880A1 (en) | 2000-10-20 | 2001-10-19 | Data reproducing/recording apparatus / method and list updating method |
Country Status (8)
Country | Link |
---|---|
US (1) | US20020184259A1 (en) |
EP (1) | EP1235380A1 (en) |
JP (1) | JP4622082B2 (en) |
KR (1) | KR20020064945A (en) |
CN (1) | CN1397123A (en) |
HK (1) | HK1056453A1 (en) |
TW (1) | TW550923B (en) |
WO (1) | WO2002033880A1 (en) |
Families Citing this family (42)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR100727918B1 (en) * | 2002-08-03 | 2007-06-14 | 삼성전자주식회사 | Information storage medium and recording and/or reproducing method thereof |
CN1512357A (en) * | 2002-12-30 | 2004-07-14 | 皇家飞利浦电子股份有限公司 | Method and system for increasing optical disc copy system extension property |
JP4043388B2 (en) * | 2003-03-20 | 2008-02-06 | ソニー株式会社 | Playback apparatus and playback method |
JP2004295373A (en) * | 2003-03-26 | 2004-10-21 | Sony Corp | Information recording medium, information processor, information recording medium manufacturing device and method, and computer program |
US20040205345A1 (en) * | 2003-04-11 | 2004-10-14 | Ripley Michael S. | System for identification and revocation of audiovisual titles and replicators |
JP4059185B2 (en) * | 2003-10-15 | 2008-03-12 | ソニー株式会社 | Information processing apparatus, information recording medium, information processing method, and computer program |
WO2005052802A1 (en) * | 2003-11-25 | 2005-06-09 | Matsushita Electric Industrial Co.,Ltd. | Authentication system |
US7539307B2 (en) * | 2003-11-26 | 2009-05-26 | International Business Machines Corporation | System, method, and service for delivering enhanced multimedia content on physical media |
US7571197B2 (en) * | 2004-05-19 | 2009-08-04 | Unisys Corporation | Method and apparatus for synchronizing dataset object properties with underlying database structures |
JP2005338959A (en) * | 2004-05-24 | 2005-12-08 | Sony Corp | Information processor, execution decision method, and computer program |
JP2006119736A (en) * | 2004-10-19 | 2006-05-11 | Pioneer Electronic Corp | Storage state recognition apparatus, storage processing device, process execution apparatus, storage state recognition system, its method, its program, and recording medium for recording this program |
US8121952B2 (en) * | 2004-12-10 | 2012-02-21 | International Business Machines Corporation | System, method, and service for delivering multimedia content by means of a permission to decrypt titles on a physical media |
JP4715233B2 (en) * | 2005-02-25 | 2011-07-06 | ソニー株式会社 | Information processing apparatus, information recording medium manufacturing method, and computer program |
JP4702596B2 (en) * | 2005-02-28 | 2011-06-15 | ソニー株式会社 | Decoding circuit, decoding device, decoding method, and decoding program |
CN101213785A (en) * | 2005-06-29 | 2008-07-02 | 皇家飞利浦电子股份有限公司 | Device and method for key block based authentication |
US7634816B2 (en) * | 2005-08-11 | 2009-12-15 | Microsoft Corporation | Revocation information management |
JP4670585B2 (en) * | 2005-10-26 | 2011-04-13 | ソニー株式会社 | Setting apparatus and method, and program |
JP2007219647A (en) * | 2006-02-14 | 2007-08-30 | Toshiba Corp | Portable terminal |
JP4731399B2 (en) * | 2006-05-17 | 2011-07-20 | 三菱電機株式会社 | Optical disc apparatus and data processing method |
US7721021B2 (en) * | 2006-11-21 | 2010-05-18 | Lsi Corporation | SAS zone group permission table version identifiers |
JP4757179B2 (en) | 2006-11-30 | 2011-08-24 | ソニー株式会社 | Information processing apparatus, information recording medium, information processing method, and computer program |
EP2044531A4 (en) * | 2007-01-19 | 2010-01-13 | Lg Electronics Inc | Method for protecting content |
CN101542471A (en) * | 2007-01-19 | 2009-09-23 | Lg电子株式会社 | Method for protecting content and method for processing information |
KR20080084470A (en) * | 2007-03-16 | 2008-09-19 | 삼성전자주식회사 | Portable memory apparatus protectable content and method for manufacturing the apparatus |
KR20090001605A (en) * | 2007-05-03 | 2009-01-09 | 삼성전자주식회사 | Mobile recording media comprising reproduction setting information and content reproducing apparatus and method for reproducing contents using reproduction setting information |
US20080320301A1 (en) * | 2007-06-20 | 2008-12-25 | Samsung Electronics Co., Ltd. | Method and apparatus for restricting operation of device |
KR101197220B1 (en) | 2007-07-31 | 2012-11-02 | 삼성전자주식회사 | Method and apparatus for managing device revocation list |
EP2191391A4 (en) * | 2007-08-17 | 2010-09-22 | Korea Electronics Telecomm | System renewability message providing method and system renewability message using method and apparatus thereof |
CN101796837B (en) | 2007-09-11 | 2012-12-19 | Lg电子株式会社 | Secure signing method, secure authentication method and IPTV system |
US9223787B2 (en) * | 2008-09-26 | 2015-12-29 | Apple Inc. | Systems and methods for sideband communication between device and host to minimize file corruption |
US20100250502A1 (en) * | 2009-03-27 | 2010-09-30 | Kiyokazu Saigo | Method and apparatus for contents de-duplication |
JP4994416B2 (en) * | 2009-04-13 | 2012-08-08 | ソニー株式会社 | Information processing apparatus, information recording medium, information processing method, and computer program |
CN102132521B (en) * | 2009-06-30 | 2014-09-24 | 松下电器产业株式会社 | Data exchange processing device and data exchange processing method |
JP5598115B2 (en) * | 2010-06-24 | 2014-10-01 | ソニー株式会社 | Information processing apparatus, information processing method, and program |
JP5552917B2 (en) * | 2010-06-24 | 2014-07-16 | ソニー株式会社 | Information processing apparatus, information processing method, and program |
EP2597588B1 (en) * | 2010-07-23 | 2021-04-14 | Panasonic Corporation | Information processing device, controller, certificate issuing authority, method of determining validity of revocation list, and method of issuing certificates |
US8799598B2 (en) * | 2012-02-17 | 2014-08-05 | Spansion Llc | Redundancy loading efficiency |
US9690837B1 (en) * | 2013-06-28 | 2017-06-27 | EMC IP Holding Company LLC | Techniques for preserving redundant copies of metadata in a data storage system employing de-duplication |
KR102144517B1 (en) * | 2013-12-31 | 2020-08-14 | 원스팬 인터내셔널 게엠베하 | Electronic signing methods, systems and apparatus |
JP6170844B2 (en) * | 2014-02-14 | 2017-07-26 | 株式会社Nttドコモ | Authentication information management system |
US10783505B2 (en) * | 2014-08-11 | 2020-09-22 | Disney Enterprises Inc. | Systems and methods for providing media content |
US11386067B2 (en) * | 2015-12-15 | 2022-07-12 | Red Hat, Inc. | Data integrity checking in a distributed filesystem using object versioning |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5949877A (en) * | 1997-01-30 | 1999-09-07 | Intel Corporation | Content protection for transmission systems |
JP4496440B2 (en) * | 1998-01-12 | 2010-07-07 | ソニー株式会社 | Encrypted content transmission device |
JP3724962B2 (en) * | 1998-11-13 | 2005-12-07 | 株式会社東芝 | Information processing apparatus with access control function and storage medium |
US6882728B1 (en) * | 1999-04-28 | 2005-04-19 | Hitachi, Ltd. | Reproduction apparatus and decoding apparatus |
EP1118184B1 (en) * | 1999-08-09 | 2005-12-14 | Koninklijke Philips Electronics N.V. | Updating a revocation list to foil an adversary |
JP2001166886A (en) * | 1999-09-30 | 2001-06-22 | Toshiba Tec Corp | Multiplex storage controller |
JP2002132583A (en) * | 2000-10-20 | 2002-05-10 | Sony Corp | Data processing apparatus, data storage device and data processing method, and program providing medium |
- 2000
  - 2000-10-20 JP JP2000320804A patent/JP4622082B2/en not_active Expired - Fee Related
- 2001
  - 2001-10-11 TW TW090125133A patent/TW550923B/en active
  - 2001-10-19 EP EP01976764A patent/EP1235380A1/en not_active Withdrawn
  - 2001-10-19 US US10/168,226 patent/US20020184259A1/en not_active Abandoned
  - 2001-10-19 CN CN01804335A patent/CN1397123A/en active Pending
  - 2001-10-19 WO PCT/JP2001/009182 patent/WO2002033880A1/en not_active Application Discontinuation
  - 2001-10-19 KR KR1020027007930A patent/KR20020064945A/en not_active Application Discontinuation
- 2003
  - 2003-07-25 HK HK03105404.6A patent/HK1056453A1/en unknown
Also Published As
Publication number | Publication date |
---|---|
WO2002033880A1 (en) | 2002-04-25 |
EP1235380A1 (en) | 2002-08-28 |
JP4622082B2 (en) | 2011-02-02 |
KR20020064945A (en) | 2002-08-10 |
JP2002135243A (en) | 2002-05-10 |
US20020184259A1 (en) | 2002-12-05 |
CN1397123A (en) | 2003-02-12 |
TW550923B (en) | 2003-09-01 |
HK1056453A1 (en) | 2004-02-13 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2002033880A9 (en) | Data reproducing/recording apparatus / method and list updating method | |
JP2002132583A (en) | Data processing apparatus, data storage device and data processing method, and program providing medium | |
TW514845B (en) | Data storage regenerator and data storage processing method and program providing media | |
JP2002132585A (en) | Information recording apparatus, information reproducing apparatus, information recording medium, information recording method, information reproducing method, and program providing medium | |
AU785421B2 (en) | Data authentication system | |
JP4687703B2 (en) | RECORDING SYSTEM, INFORMATION PROCESSING DEVICE, STORAGE DEVICE, RECORDING METHOD, AND PROGRAM | |
JP2002132141A (en) | Data memory and data recording method, data reproducing method as well as program provision medium | |
JP2004185152A (en) | License moving device and program | |
CN101874248A (en) | Recording/reproducing system, recording medium device, and recording/reproducing device | |
KR20010108397A (en) | Storage device authentication system | |
JP2000311114A (en) | Computer system and contents protecting method | |
JP2008009631A (en) | Storage device and storage method | |
WO2005067198A1 (en) | Information processing device | |
JP2002132456A (en) | Information recording device, information reproducing device, information recording method, information reproducing method, information recording medium and program providing medium | |
JP4592804B2 (en) | Key management device and key management system | |
JP2003505752A (en) | Methods and systems for providing copy protection on storage media and storage media used in such systems | |
JP2006127485A (en) | Device and method for reproducing content | |
US20100313034A1 (en) | Information processing apparatus, data recording system, information processing method, and program | |
JP2003099332A (en) | Data processing system, data record reproducing device, recording device, method, and program providing medium | |
JP4638160B2 (en) | Copyright protection system, recording device, playback device, and recording medium | |
JP4269507B2 (en) | DATA REPRODUCING DEVICE, DATA RECORDING DEVICE, DATA REPRODUCING METHOD, DATA RECORDING METHOD, AND PROGRAM PROVIDING MEDIUM | |
JP2000163882A (en) | Digital literary production recording medium, recording device accessing same recording medium, and reproducing device and deleting device | |
JP4674396B2 (en) | DATA REPRODUCING DEVICE, DATA RECORDING DEVICE, DATA REPRODUCING METHOD, DATA RECORDING METHOD, AND PROGRAM PROVIDING MEDIUM | |
JP2003273861A (en) | Content utilization management system, information processing device and method, as well as computer program | |
JP4100845B2 (en) | Information recording / reading method and apparatus |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| | AK | Designated states | Kind code of ref document: A1 Designated state(s): CN KR US |
| | AL | Designated countries for regional patents | Kind code of ref document: A1 Designated state(s): AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE TR |
| | WWE | Wipo information: entry into national phase | Ref document number: 10168226 Country of ref document: US |
| | WWE | Wipo information: entry into national phase | Ref document number: 2001976764 Country of ref document: EP Ref document number: 1020027007930 Country of ref document: KR |
| | WWE | Wipo information: entry into national phase | Ref document number: 018043356 Country of ref document: CN |
| | WWP | Wipo information: published in national office | Ref document number: 1020027007930 Country of ref document: KR |
| | WWP | Wipo information: published in national office | Ref document number: 2001976764 Country of ref document: EP |
| | WWW | Wipo information: withdrawn in national office | Ref document number: 2001976764 Country of ref document: EP |
| | COP | Corrected version of pamphlet | Free format text: PAGES 27/47-34/47, DRAWINGS, ADDED |